https://www.exploit-db.com/exploits/24723
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200501-118

MailPost是一个32位Windows系统中WebServer的CGI程序。MailPost5.1.1sv及之前版本存在信息泄露漏洞。根据请求的文件是否存在，MailPost会显示不同的错误消息，这使得远程攻击者可能获得敏感信息。

source: http://www.securityfocus.com/bid/11599/info

TIPS MailPost is affected by a remote file enumeration vulnerability. This issue is due to a failure to properly sanitize user requests.

An attacker may leverage this issue to gain knowledge of the existence of files outside the Web root directory. Information disclosed in this way may facilitate further attacks.

http://www.example.com/scripts/mailpost.exe/..%255c..%255c..%255cwinnt/system.ini?*nosend*=&[email protected]

来源:US-CERTVulnerabilityNote
名称:VU#306086
链接:http://www.kb.cert.org/vuls/id/306086
来源:XF
名称:mailpost-get-info-disclosure(17954)
链接:http://xforce.iss.net/xforce/xfdb/17954
来源:BID
名称:11599
链接:http://www.securityfocus.com/bid/11599
来源:MISC
链接:http://www.procheckup.com/security_info/vuln_pr0408.html