Unrated severityNVD Advisory· Published Feb 4, 2011· Updated Apr 29, 2026
CVE-2011-0049
CVE-2011-0049
Description
Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- bug628064.bugzilla.mozilla.org/attachment.cginvdPatch
- www.securityfocus.com/bid/46127nvdExploit
- bugzilla.mozilla.org/show_bug.cginvdExploitPatch
- sitewat.ch/en/Advisory/View/1nvdExploitURL Repurposed
- secunia.com/advisories/43125nvdVendor Advisory
- www.kb.cert.org/vuls/id/363726nvdUS Government Resource
- osvdb.org/70762nvd
- securityreason.com/securityalert/8061nvd
- www.exploit-db.com/exploits/16103nvd
- www.securityfocus.com/archive/1/516150/100/0/threadednvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2011/0288nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/65113nvd
News mentions
0No linked articles in our index yet.