RSS   Vulnerabilities for 'Postaci webmail'   RSS

2001-01-09
 
CVE-2000-1100

 

 
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.

 


Copyright 2024, cxsecurity.com

 

Back to Top