Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-3486
HistorySep 22, 2010 - 8:00 p.m.

CVE-2010-3486

2010-09-2220:00:10
CWE-22
mitre
web.nvd.nist.gov
30
cve
2010
3486
directory traversal
vulnerability
smartermail

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.01

Percentile

83.7%

JSON

Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) …/ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter.

Affected configurations

Nvd
Node
smartertoolssmartermailMatch7.1.3876
VendorProductVersionCPE
smartertoolssmartermail7.1.3876cpe:2.3:a:smartertools:smartermail:7.1.3876:*:*:*:*:*:*:*

Related

cvelist 1
zdt 3
packetstorm 3
openvas 1
exploitpack 3
prion 1
exploitdb 4
nvd 1
seebug 1
cvelist
cvelist
CVE-2010-3486
2010-09-22 19:00:00
zdt
zdt
SmarterMail 7.x (7.2.3925) Stored Cross Site Scripting Vulnerability
2010-10-03 00:00:00
SmarterMail 7.x (7.2.3925) LDAP Injection Vulnerability
2010-10-03 00:00:00
SmarterMail 7.3 and 7.4 Multiple Vulnerabilities
2011-03-11 00:00:00
packetstorm
packetstorm
SmarterMail 7.x Cross Site Scripting
2010-10-04 00:00:00
SmarterMail 7.x LDAP Injection
2010-10-04 00:00:00
SmarterMail 7.x Cross Site Scripting / Shell Upload / Traversal
2011-03-10 00:00:00
openvas
openvas
SmarterMail Directory Traversal Vulnerability
2010-10-01 00:00:00
exploitpack
exploitpack
SmarterMail 7.2.3925 - LDAP Injection
2010-10-02 00:00:00
SmarterMail 7.2.3925 - Persistent Cross-Site Scripting
2010-10-02 00:00:00
SmarterMail 7.37.4 - Multiple Vulnerabilities
2011-03-10 00:00:00
prion
prion
Directory traversal
2010-09-22 20:00:00
exploitdb
exploitdb
SmarterMail < 7.2.3925 - LDAP Injection
2010-10-02 00:00:00
SmarterMail 7.1.3876 - Directory Traversal
2010-09-19 00:00:00
SmarterMail 7.3/7.4 - Multiple Vulnerabilities
2011-03-10 00:00:00
nvd
nvd
CVE-2010-3486
2010-09-22 20:00:10
seebug
seebug
smartermail 7.3 & 7.4 - Multiple Vulnerabilities
2014-07-01 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.01

Percentile

83.7%

JSON
Related for CVE-2010-3486
cvelist1zdt3packetstorm3openvas1exploitpack3prion1exploitdb4nvd1seebug1