Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade.php, which allows remote attackers to obtain sensitive information by creating and downloading a backup archive of the entire @Mail directory tree. NOTE: this can be leveraged for remote exploitation of CVE-2008-3395. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Calacode @Mail build-plesk-upgrade.php 信息泄露漏洞
Vulnerability Description
Calacode @Mail是一套WebMail系统。 Linux平台上的Calacode @Mail 5.41版本存在信息泄露漏洞。由于并不对build-plesk-upgrade.php进行管理身份认证,这使得远程攻击者可以通过创建和下载整个@Mail目录子目录结构的备份存档文件,获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A