webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web document root.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-11-05T14:51:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-11-05T00:00:00
Link: CVE-2008-4932
JSON object: View
NVD Information
Status : Modified
Published: 2008-11-05T15:00:14.663
Modified: 2018-10-11T20:53:11.640
Link: CVE-2008-4932
JSON object: View
Redhat Information
No data.
CWE