Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Horde IMP 2.2.7存在路径泄露漏洞
Vulnerability Description
IMP是一款基于Web的强大的邮件程序,它由Horde项目组开发。可使用在Linux/Unix或者Microsoft Windows操作系统下。 Horde IMP在部分脚本代码处理中存在漏洞,可导致Web路径信息泄露。 Horde IMP中的poppassd.php3、login.php3、spelling.php3、ldap.search.php3?ldap_serv=nonsense脚本代码处理存在问题,请求这些脚本会返回包含Web路径的错误信息。 通过获得这些信息,攻击者可以对系统进行进一步的深入
CVSS Information
N/A
Vulnerability Type
N/A