
We found results for “”
CVE-2012-4495
Good to know:

Date: October 31, 2012
The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not properly restrict access to files outside Drupal's publish files directory, which allows remote authenticated users to send arbitrary files as attachments.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Permissions, Privileges, and Access Control
CWE-264Top Fix

CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | LOW |
Authentication (AU): | SINGLE |
Confidentiality (C): | NONE |
Integrity (I): | PARTIAL |
Availability (A): | NONE |
Additional information: |