Vulnerabilities > Uebimiau > Webmail > 2.7.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-10 | CVE-2008-0210 | Improper Authentication vulnerability in Uebimiau Webmail 2.7.10/2.7.2 Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote attackers to bypass authentication via a sess[auth]=1 parameter settting. | 6.4 |
2008-01-08 | CVE-2008-0140 | Path Traversal vulnerability in Uebimiau Webmail 2.7.10/2.7.2 Directory traversal vulnerability in error.php in Uebimiau Webmail 2.7.10 and 2.7.2 allows remote authenticated users to read arbitrary files via a .. | 6.4 |