Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Analogic Poste.io Roundcube组件安全漏洞
Vulnerability Description
Analogic Poste.io是一款全功能邮件服务器。该产品支持SMTP、IMAP、POP3等协议,并具有反垃圾邮件、防病毒和Web管理等功能。Roundcube是其中的一个基于Web的IMAP电子邮件客户端组件。该产品支持SMTP、IMAP、POP3等协议,并具有反垃圾邮件、防病毒和Web管理等功能。 Analogic Poste.io 2.1.6版本中的Roundcube组件存在安全漏洞。攻击者可借助webmail/logs/sendmail URI利用该漏洞读取日志。
CVSS Information
N/A
Vulnerability Type
N/A