2 matches found
Directory traversal
Absolute path directory traversal vulnerability in a MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and b VisNetic MailServer before 8.5.0.5 allows remote attackers to include arbitrary files via a full Windows path and drive letter in the 1 language parameter in...
CVE-2005-4556
CVE-2005-4556 affects IceWarp Web Mail 5.5.1 (used by Merak Mail Server 8.3.0r and VisNetic Mail Server 8.3.0 build 1). When register_globals is on, remote attackers can exploit PHP remote file include via the lang_settings and language parameters in accounts/inc/include.php and admin/inc/include...