CVE-2005-4368

Published: Dec 20, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid_task parameter, which leaks the path in an error message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20060117 Re: Fullpath disclosure in roundcube webmail

mailing-list

x_refsource_BUGTRAQ

20051217 Re: Fullpath disclosure in roundcube webmail

mailing-list

x_refsource_BUGTRAQ

20051217 Fullpath disclosure in roundcube webmail

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-4368

Description

Affected Products

References