cvedb.io
CVE-2018-18703
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2018-10-29T12:29:05.057 · Last modified 2026-06-17T01:47:43.277

Summary

PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter.

Affected products

phptpoint — mailing_server_using_file_handling

Does this affect you?

Add your gear to cvedb and we'll alert you only when phptpoint ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.