Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other usersβ mail and perform operations on arbitrary directories via β¦ sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands.