QwikSec

Security Database

CVE

CWE

Training

CVE-2005-4556

Published: Dec 28, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the (1) lang_settings and (2) language parameters in (a) accounts/inc/include.php and (b) admin/inc/include.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

20051227 Secunia Research: IceWarp Web Mail Multiple File

mailing-list

x_refsource_FULLDISC

http://secunia.com/secunia_research/2005-62/advisory/

x_refsource_MISC

20051227 Secunia Research: IceWarp Web Mail Multiple File InclusionVulnerabilities

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.