CVE-2008-0210 (Webmail) |
|
| BugsAlert Home > CVE-2008-0210 (Webmail) | |
|
Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote attackers to bypass authentication via a sess[auth]=1 parameter settting. NOTE: this can be leveraged to conduct directory traversal attacks without authentication by using CVE-2008-0140. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0210 Learn more about CVE-2008-0210 (Webmail) |
|
| Tags: cve-2008-0210 webmail | |
Related Items |
|
|
March Networks 3204 DVR Logfile Information Disclosure
|
|
|
Storm Goes Economic
|
|
|
Vuln: Retired: Microsoft Windows GDI 'CreateDIBPatternBrushPt' Function Heap Overflow Vulnerability
|
|
|
CVE-2008-1972 (Exponent CMS)
|
|
|
CVE-2008-3069 (MyBB)
|
|
|
A Million Search Strings to Get Infected
|
|
|
FrSIRT - Mozilla Thunderbird Multiple Security Bypass and Code Execution Issues
|
|
