Merak Mail Server Arbitrary File Deletion Vulnerability

Merak Mail Server Arbitrary File Deletion Vulnerability

An exploit is not required.

Example URI have been provided:

http://www.example.com:32000/mail/logout.html?id=[relative path]
http://www.example.com:32000/mail/logout.html?id=[relative path]%00blabla