Trlinux » Postaci Webmail : Security Vulnerabilities, CVEs,
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.
Max CVSS
7.5
EPSS Score
0.54%
Published
2001-01-09
Updated
2008-09-05
1 vulnerabilities found