{"vulnerability": "CVE-2010-5334", "sightings": [{"uuid": "94ee5711-f660-4d82-aa39-d7b2e0de5ecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2010-5334", "type": "seen", "source": "https://t.me/cibsecurity/7378", "content": "ATENTION\u203c New - CVE-2010-5334\n\nIceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-10-11T14:36:42.000000Z"}, {"uuid": "b6bdad24-6a92-4f59-a1b3-779287feef4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2010-5334", "type": "seen", "source": "https://t.me/cibsecurity/7491", "content": "ATENTION\u203c New - CVE-2010-5334 (webclient)\n\nIceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parameter (_c to basic/index.html) is not properly sanitised and can therefore be exploited to browse the partition where IceWarp is installed (or the whole system) and read arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-10-17T20:29:17.000000Z"}]}