3 matches found
EUVD-2008-4911
Malware in sbrugna...
Remote code execution
webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web...
CVE-2008-4932
CVE-2008-4932 affects U-Mail Webmail server 4.91 via webmail/modules/filesystem/edit.php. An attacker can remotely overwrite arbitrary files by supplying an absolute pathname in the path parameter and arbitrary content in the content parameter; writing PHP code to a file within the web document r...