Vulnerabilities > Phptpoint > Mailing Server Using File Handling > High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-29	CVE-2018-18703	Path Traversal vulnerability in PHPtpoint Mailing Server Using File Handling 1.0 PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter. network low complexity phptpoint CWE-22	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.