cpe:/a:atmail:atmail_open:1.04::open-source CVE-2012-1918 2012-03-27T15:55:02.457-04:00 2017-12-12T21:29:06.733-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2012-03-28T10:07:00.000-04:00 SECUNIA 47012 CERT-VN VU#743555 XF atmail-sendmsg-directory-traversal(74504) CONFIRM http://atmail.org/download/atmailopen.tgz MISC http://en.securitylab.ru/lab/PT-2011-48 Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @Mail WebMail Client in AtMail Open-Source before 1.05 allow remote attackers to read arbitrary files via a .. (dot dot) in the Attachment[] parameter.