CVE-2000-0977

Name of the Vulnerable Software and Affected Versions MailFile version 1.10

Description The issue allows remote attackers to read arbitrary files by specifying the target file name in the filename parameter in a POST request. This request is then sent by email to the address specified in the email parameter.

Recommendations For MailFile version 1.10, consider restricting access to the mailfile.cgi CGI program until a patch is available, or avoid using the filename parameter in the affected POST request to minimize the risk of exploitation.