{"uuid": "20c874ef-56e0-4276-b9aa-10cb708d49b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26294", "type": "seen", "source": "https://t.me/arpsyndicate/796", "content": "#ExploitObserverAlert\n\nCVE-2021-26294\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2021-26294. An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/.. when using the caldav_public_user account (with caldav_public_user as its password).\n\nFIRST-EPSS: 0.002650000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-30T07:58:47.000000Z"}