[24970] in bugtraq
emumail.cgi
daemon@ATHENA.MIT.EDU (acidneo@altern.org)
Thu Apr 4 12:38:27 2002
Message-ID: <20020404011112.12478.qmail@securityfocus.com>
Date: Thu, 4 Apr 2002 03:17:16 +0200 (CEST)
From: <acidneo@altern.org>
To: BugTraq@securityfocus.org
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
name : emumail.cgi
date : 04/04/2002
description : EMU Webmail: how to check your email
from the web.
severity : Low/average-risk
homepage : www.emumail.com
Any user can view files on the remote system:
xxx/PATH/emumail.cgi?type=FILE%00
The vendor were contact about that
