RSS   Vulnerabilities for 'Phlymail lite'   RSS

2006-08-28
 
CVE-2006-4429

 

 
** DISPUTED ** PHP remote file inclusion vulnerability in handlers/email/mod.output.php in PHlyMail Lite 3.4.4 and earlier (Build 3.04.04) allows remote attackers to execute arbitrary PHP code via a URL in the _PM_[path][handler] parameter, a different vector than CVE-2006-4291. NOTE: This issue has been disputed by a third party, who states that the _IN_PHM_ declaration prevents this file from being called directly.

 
2006-08-22
 
CVE-2006-4291

 

 
PHP remote file inclusion vulnerability in handlers/email/mod.listmail.php in PHlyMail Lite 3.4.4 and earlier (Build 3.04.04) allows remote attackers to execute arbitrary PHP code via a URL in the _PM_[path][handler] parameter.

 

 >>> Vendor: Phlymail 2 Products
Phlymail
Phlymail lite


Copyright 2024, cxsecurity.com

 

Back to Top