Vuln Dev
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Atmail Remote Authentication Bypass, Full DB Compromise Jul 30 2008 03:33PM
free_julie_amero hush com
@Mail PHP Version 5.41 patch Release
http://atmail.com/demo/atmailphpdemo.tgz

The default install of Atmail 5.41 creates the following
file in the atmail/ directory: build-plesk-upgrade.php

If that file is called via http, such as: http://example.com/atmail/build-plesk-upgrade.php
it will execute...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus