RSS   Vulnerabilities for 'U-mail webmail server'   RSS

2008-11-05
 
CVE-2008-4932

CWE-20
 

 
webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web document root.

 


Copyright 2024, cxsecurity.com

 

Back to Top