Mail Manage EX Remote File Include Vulnerability

vendor:

Mail Manage EX

by:

7.5

CVSS

HIGH

Remote File Include

CWE

Product Name: Mail Manage EX

Affected Version From: Mail Manage EX 3.1.8

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Mail Manage EX Remote File Include Vulnerability

The Mail Manage EX application is prone to a remote file include vulnerability. This vulnerability occurs due to insufficient sanitization of user-supplied data. A remote attacker can exploit this issue by including arbitrary PHP files located on remote servers.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize user-supplied data before using it in file inclusion operations. Additionally, restricting access to remote servers and implementing strong input validation can help prevent such attacks.

Source

Mail Manage EX Remote File Include Vulnerability

Mitigation:

Exploit-DB raw data: