Vulnerabilities > CVE-2002-1527 - Path Disclosure vulnerability in Emumail EMU Webmail 5.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
emumail
exploit available
NVD
Published: 2003-04-02
Updated: 2008-09-05

Summary

emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.

Vulnerable Configurations

Part Description Count
Application
Emumail
1

Exploit-Db

descriptionEmuMail 5.0 Web Root Path Disclosure Vulnerability. CVE-2002-1527. Webapps exploit for cgi platform
idEDB-ID:21877
last seen2016-02-02
modified2002-09-29
published2002-09-29
reporterFVS
sourcehttps://www.exploit-db.com/download/21877/
titleEmuMail 5.0 Web Root Path Disclosure Vulnerability

References