Mail8 Vulnerability
Mail8 is a simple webmail application written in PHP which can be used and integrated in any email server supporting the IMAP protocol. It's released by 8Layer. I became aware of them when I saw this thread on the Linuxjobs.ph mailing list. I downloaded Mail8 and had a quick look at it. compose.php doesn't seem to have any session control and allows PHP files to be uploaded to the attachments folder. So it is quite easy to upload a PHP shell and get command execution (depending on the server's PHP setup).
*I need to have someone verify the flaw since I was in a hurry when I did this and I have limited access to a webserver nowadays. I also think attach.php can be called directly anyways =)
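For anyone patching an upload path like the one described above, this is an added example of a handler that closes both gaps (no session check, and PHP files landing in a web-served attachments folder). It is not Mail8's code; the storage path, the session key `user`, the form field `attachment` and the extension list are all assumptions.

```php
<?php
// Added example: hardened attachment upload. Not Mail8 code; all names are hypothetical.
declare(strict_types=1);

const UPLOAD_DIR  = '/var/lib/webmail/attachments'; // assumed path OUTSIDE the document root
const MAX_BYTES   = 10 * 1024 * 1024;               // assumed 10 MiB limit
const ALLOWED_EXT = ['pdf', 'png', 'jpg', 'jpeg', 'gif', 'txt', 'zip'];

/** Returns the stored path, or throws if the upload must be rejected. */
function store_attachment(array $file, array $session): string
{
    // 1. Session control: refuse anonymous requests before touching the file.
    if (empty($session['user'])) {               // 'user' is a hypothetical session key
        throw new RuntimeException('not authenticated');
    }
    // 2. Accept only a file PHP itself received via HTTP POST, within the size limit.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])
        || $file['size'] > MAX_BYTES) {
        throw new RuntimeException('upload failed or too large');
    }
    // 3. Allow-list on the final extension; .php, .phtml, .phar and friends never match.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        throw new RuntimeException('file type not allowed');
    }
    // 4. Server-chosen random name with a neutral suffix: the client-supplied name
    //    (including tricks like "x.php.jpg") never reaches the filesystem.
    $dest = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.bin';
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0640);                          // readable, never executable
    return $dest;
}

// Entry point when served over HTTP; skipped when the file is included from the CLI.
if (PHP_SAPI !== 'cli') {
    session_start();
    try {
        store_attachment($_FILES['attachment'] ?? [], $_SESSION);
        echo 'stored';
    } catch (RuntimeException $e) {
        http_response_code(empty($_SESSION['user']) ? 401 : 400);
        echo 'rejected';
    }
}
```

Because the file is stored outside the document root, downloads have to go through a script that performs the same session check and sends the content with `Content-Disposition: attachment`.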