9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
7.3 High
AI Score
Confidence
High
0.046 Low
EPSS
Percentile
92.6%
webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web document root.
CPE | Name | Operator | Version |
---|---|---|---|
comingchina:u-mail_webmail_server | comingchina u-mail webmail server | eq | 4.91 |