Woppoware PostMaster Multiple Input Validation and Information Disclosure Vulnerabilities

PostMaster is prone to multiple input validation and information disclosure vulnerabilities.

These issue could permit a remote attacker to gain access to arbitrary user accounts, manipulate site content to perform cross-site scripting attacks, enumerate arbitrary files on the affected server or provide an attacker with additional information to aid in password brute force attacks.

These issues are reported to affect PostMaster version 4.2.2; other versions may also be vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus