QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2000-1100

Back to search

CVE-2000-1100

Published: Dec 19, 2000

Modified: Aug 8, 2024

PUBLISHED

Description

The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.

VendorProductVersions

n/a

n/a

affected
n/a

References

20001130 PostACI Webmail Vulnerability
mailing-list
x_refsource_BUGTRAQ
2029
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now