vendor:
MailBee Objects
by:
darkl0rd
7.5
CVSS
HIGH
Insecure Method
20
CWE
Product Name: MailBee Objects
Affected Version From: v5.5
Affected Version To: v5.5
Patch Exists: YES
Related CWE: N/A
CPE: a:afterlogic:mailbee_objects
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP Professional SP2
2008
MailBee Objects v5.5 (MailBee.dll) Insecure Method
A vulnerability exists in MailBee Objects v5.5 (MailBee.dll) which allows an attacker to save files to the system and create files on the system. This is due to the application not properly validating user-supplied input before using it to execute system commands. An attacker can exploit this vulnerability to save files to the system and create files on the system.
Mitigation:
Upgrade to the latest version of MailBee Objects v5.5 (MailBee.dll)