Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in lib/session.php in Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary IMAP commands via a CRLF sequence in a mailbox name. NOTE: the attack crosses privilege boundaries if the IMAP server configuration prevents a user from establishing a direct IMAP session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hastymail IMAP/SMTP远程命令注入漏洞
Vulnerability Description
Hastymail是一个用PHP编写的快速、安全、兼容RFC、跨平台的IMAP/SMTP客户端应用程序。 Hastymail在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上执行任意命令。拥有有效Hastymail帐号的用户可以通过在Hastymail变量中嵌入"命令结束"序列直接向IMAP或SMTP服务器发送命令。远程攻击者可以绕过安全限制,尝试攻击IMAP或SMTP服务。
CVSS Information
N/A
Vulnerability Type
N/A