Maia Mailguard 1.0.2 - 'login.php' Multiple Local File Inclusions



EKU-ID: 35364 CVE: CVE-2007-3619;OSVDB-37884 OSVDB-ID:
Author: Adriel T. Desautels Published: 2007-07-05 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/24770/info

Maia Mailguard is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.

Exploiting these issues may allow an unauthorized user to view files and execute local scripts.

These issues affects Maia Mailguard 1.0.2 and prior versions.

http://www.example.com/maia/login.php?lang=../../../../../../../../../../../../../var/log/httpd-error.log%00.txt