header-logo
Suggest Exploit
vendor:
Maia Mailguard
by:
Unknown
5.5
CVSS
MEDIUM
Local File-Include
CWE
Product Name: Maia Mailguard
Affected Version From: 1.0.2 and prior versions
Affected Version To: 1.0.2
Patch Exists: NO
Related CWE: Not provided
CPE: a:maia_mailguard:maia_mailguard:1.0.2
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Multiple Local File-Include Vulnerabilities in Maia Mailguard

The Maia Mailguard application fails to properly sanitize user-supplied input, leading to multiple local file-include vulnerabilities. Exploiting these vulnerabilities may allow an unauthorized user to view files and execute local scripts.

Mitigation:

Apply the latest patch or update to a version that has addressed these vulnerabilities. Avoid inputting user-supplied data without proper validation and sanitization.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24770/info

Maia Mailguard is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.

Exploiting these issues may allow an unauthorized user to view files and execute local scripts.

These issues affects Maia Mailguard 1.0.2 and prior versions. 

http://www.example.com/maia/login.php?lang=../../../../../../../../../../../../../var/log/httpd-error.log%00.txt

Navigation

Suggest Exploit

Services By CQR