10 matches found
VulnCheck KEV: CVE-2025-68645
A Local File Inclusion LFI vulnerability exists in the Webmail Classic UI of Zimbra Collaboration ZCS 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influenc...
📄 Zimbra Collaboration 10.0 / 10.1 Local File Inclusion
This is a proof of concept exploiting a local file inclusion vulnerability existing in the Webmail Classic UI of Zimbra Collaboration ZCS versions 10.0 and 10.1. The issue is due to improper handling of user-supplied request parameters in the RestFilter servlet. zimbramail-CVE-2025-68645-poc A...
Exploit for CVE-2025-68645
zimbramail-CVE-2025-68645-poc A proof-of-concept exp...
CVE-2025-68645
A Local File Inclusion LFI vulnerability exists in the Webmail Classic UI of Zimbra Collaboration ZCS 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influenc...
CVE-2025-68645
A Local File Inclusion LFI vulnerability exists in the Webmail Classic UI of Zimbra Collaboration ZCS 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influenc...
CVE-2025-68645
A Local File Inclusion LFI vulnerability exists in the Webmail Classic UI of Zimbra Collaboration ZCS 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influenc...
CVE-2025-68645
Summary: CVE-2025-68645 is a Local File Inclusion in Zimbra Collaboration (ZCS) Webmail Classic UI (10.0/10.1) caused by improper handling in the RestFilter servlet. An unauthenticated attacker can craft requests to the /h/rest endpoint to influence internal request dispatching and include arbitr...
EUVD-2024-52646
Malicious code in bioql PyPI...
CVE-2024-54663
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration ZCS 9.0 and 10.0 and 10.1. A Local File Inclusion LFI vulnerability exists in the /h/rest endpoint, allowing authenticated remote attackers to include and access sensitive files in the WebRoot directory. Exploitation requir...
CVE-2024-54663
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration ZCS 9.0 and 10.0 and 10.1. A Local File Inclusion LFI vulnerability exists in the /h/rest endpoint, allowing authenticated remote attackers to include and access sensitive files in the WebRoot directory. Exploitation requir...