7 matches found
EUVD-2013-7000
Malware in sbrugna...
http-vuln-cve2013-7091 NSE Script
An 0 day was released on the 6th December 2013 by rubina119, and was patched in Zimbra 7.2.6. The vulnerability is a local file inclusion that can retrieve any file from the server. Currently, we read /etc/passwd and /dev/null, and compare the lengths to determine vulnerability. TODO: Add the...
CVE-2013-7217
Technical details for CVE-2013-7217 are not publicly provided in the connected documents. The materials reference an unspecified high-severity Zimbra vulnerability without concrete affected versions, vectors, or fixes. Monitor for updates.
CVE-2013-7217
Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and earlier, and 8.0.x through 8.0.5, has "critical" impact and unspecified vectors, a different vulnerability than CVE-2013-7091...
Zimbra Collaboration Server LFI
This module exploits a local file inclusion on Zimbra 8.0.2 and 7.2.2. The vulnerability allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen credentials allow the attacker to make requests to the service/admin/soap API. This can then be used to create an...
CVE-2013-7091
CVE-2013-7091 affects Zimbra Collaboration Server 7.2.2 and 8.0.2 via a directory traversal/LFI vulnerability in the skin files (I18nMsg, AjxMsg, ZMsg, ZmMsg, etc.) that can read arbitrary server files by manipulating the skin parameter. The underlying issue is improper sanitization allowing a ‘....
CVE-2013-7091
creationtimestamp| type| source ---|---|--- 2013-12-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/30085 2013-12-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/30472 2018-05-29 15:50:33+00:00| seen|...