Lucene search
K

5 matches found

NVD
NVD
added 2017/10/24 2:29 p.m.21 views

CVE-2014-1203

The getloginipconfigfile function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php...

9.8CVSS9.8AI score0.15647EPSS
Exploits0References1
Prion
Prion
added 2017/10/24 2:29 p.m.13 views

Design/Logic Flaw

The getloginipconfigfile function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php...

7.5CVSS8.2AI score0.15647EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/10/24 2:0 p.m.25 views

CVE-2014-1203

The getloginipconfigfile function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php...

9.9AI score0.15647EPSS
Exploits0References1
CVE
CVE
added 2017/10/24 2:0 p.m.62 views

CVE-2014-1203

The NUCLEI template confirms CVE-2014-1203 affects Eyou Mail System prior to 3.6, with a remote code execution via get_login_ip_config_file that processes shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php. The vulnerability stems from the get_login_ip_co...

9.8CVSS9.8AI score0.15647EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2014/01/08 12:0 a.m.34 views

Eyou Mail System Remote Code Execution

Hi! The Eyou Mail System have a Remote Code Execution in \inc\fuction.php.It affects version below 3.6. The Vulnerability fuction is getloginipconfigfile in \inc\fuction.php. function getloginipconfigfile$domain, $file $dir = '/var/eyou/Domain/'; $dirmail = exec'/var/eyou/sbin/hashid '.$domain;...

0.3AI score
Exploits0
Rows per page
Query Builder