4 matches found
CVE-2015-5382
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the alt parameter when uploading a vCard...
CVE-2015-5382
program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the alt parameter when uploading a vCard...
CVE-2015-5382
The CVE-2015-5382 vulnerability affects Roundcube Webmail prior to 1.0.6 and 1.1.x prior to 1.1.2. Affected component: program/steps/addressbook/photo.inc. Root cause: information disclosure via the _alt parameter when uploading a vCard, allowing remote authenticated users to read arbitrary files...
Mageia: Security Advisory (MGASA-2015-0400)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...