## https://sploitus.com/exploit?id=19DA4415-8E74-5A3D-A607-9C4C2078F697
# CVE-2021-26294 Exploit
Directory Traversal in Afterlogic webmail aurora and pro .
Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 and all lower versions are affected by this vulnerability, simply sending an HTTP GET request to WebDAV EndPoint with built-in ācaldav_public_user@localhostā and itās the predefined password ācaldav_public_userā allows the attacker to read all files under the web root.
## Usage
```bash
python3 CVE-2021-26294.py http(s)://target:port
```
## Author
[D0rkerDevil](https://twitter.com/D0rkerDevil)