Madirish Webmail GLOBALS[basedir] Parameter Remote File Include Vulnerabilities

Bugtraq ID: 24059
Class: Input Validation Error
CVE: CVE-2007-2826
CVE-2007-3058
Remote: Yes
Local: No
Published: May 19 2007 12:00AM
Updated: Jun 20 2007 08:39PM
Credit: BoZKuRTSeRDaR is credited with the discovery of the issue affecting 'lib/addressbook.php'. The other issues were reported to Symantec by the vendor.
Vulnerable: Madirish Webmail Madirish Webmail 2.0
Not Vulnerable: Madirish Webmail Madirish Webmail 2.01


 

Privacy Statement
Copyright 2010, SecurityFocus