Uebimiau Webmail Information Disclosure Vulnerability Network Vulnerability

Summary

This host is running Uebimiau Webmail and is prone to Information Disclosure Vulnerability.

Impact

Successful exploitation will allow attacker to gain sensitive information in the context of the affected web application. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Insight

Error is due to an improper sanitization of user supplied input in the 'system_admin/admin.ucf' file.

Affected

Uebimiau Webmail version 3.2.0-2.0

References

http://xforce.iss.net/xforce/xfdb/52724

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-3199

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
Apache Archiva Home Page Cross-Site Scripting vulnerability
Apache Tomcat Directory Listing and File disclosure
12Planet Chat Server one2planet.infolet.InfoServlet XSS
AN Guestbook Local File Inclusion Vulnerability

Take action and discover your vulnerabilities