(ask) tolong ya
Posted: Sun Mar 14, 2010 11:33 am
mau nyanya nih ..
setelah saya scan vulnerability web.
dapet nih bagian website yang kena .
deskripsinya gini
"PhpWebMail is a php webmail system that supports imap or pop3. It has been reported that PHPwebmail 2.3 is vulnerable. The vulnerability allows phpwebmail users to gain access to arbitrary file system by changing the parameters in the URL used for sending mail (send_mail.php). More info at http://eagle.kecapi.com/sec/fd/phpwebmail.html.
This vulnerability affects /src/redirect.php (POST login_username=&secretkey=&js_autodetect_results=0&just_logged_in=1). "
filetype:php login intitle:"phpWebMail|WebMail"
/src/redirect.php (POST login_username=&secretkey=&js_autodetect_results=0&just_logged_in=1).
berarti kita bisa masuk ke webmail tanpa mengetahui username dan password kan ?
setelah saya scan vulnerability web.
dapet nih bagian website yang kena .
deskripsinya gini
"PhpWebMail is a php webmail system that supports imap or pop3. It has been reported that PHPwebmail 2.3 is vulnerable. The vulnerability allows phpwebmail users to gain access to arbitrary file system by changing the parameters in the URL used for sending mail (send_mail.php). More info at http://eagle.kecapi.com/sec/fd/phpwebmail.html.
This vulnerability affects /src/redirect.php (POST login_username=&secretkey=&js_autodetect_results=0&just_logged_in=1). "
filetype:php login intitle:"phpWebMail|WebMail"
/src/redirect.php (POST login_username=&secretkey=&js_autodetect_results=0&just_logged_in=1).
berarti kita bisa masuk ke webmail tanpa mengetahui username dan password kan ?