2 matches found
CVE-2001-1258
Horde Internet Messaging Program IMP before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server...
CVE-2001-1258
CVE-2001-1258 affects the Horde IMP before 2.2.6. According to the Debian DSA-073-1 advisory and related sources, a hostile user who can place a publicly readable prefs.lang file on the Apache/PHP server can have that file executed as PHP code, enabling access to config data and potentially the H...