CVE-2023-35169

PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code executio...

CVE-2023-35169 php-imap vulnerable to RCE through a directory traversal vulnerability

PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code executio...

Directory Traversal

webklex/laravel-imap and webklex/php-imap are vulnerable to Directory Traversal. The vulnerability exists due to a lack of filename attachment sanitization which allows an attacker to save a file to an arbitrary location...

PHP-IMAP 路径遍历漏洞

PHP-IMAP is a common wrapper for IMAP communication in PHP open source. PHP-IMAP suffers from a path traversal vulnerability. An attacker exploiting this vulnerability could read arbitrary files on the server running the application, leading to remote code execution. Affected products and version...

php-imap vulnerable to RCE through a directory traversal vulnerability

Summary An unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability which results in a remote code execution vulnerability. Details An attacker can send an email with a malicious attachment to the inbox, which gets crawled with webklex/php-im...

GHSA-47P7-XFCC-4PV9 php-imap vulnerable to RCE through a directory traversal vulnerability

Summary An unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability which results in a remote code execution vulnerability. Details An attacker can send an email with a malicious attachment to the inbox, which gets crawled with webklex/php-im...