CVE-2009-3199

Metadata

CVE-2009-3199
5.0
exploit-db.com, exchange.xforce.ibmcloud.com
2009-09-15
2017-09-19 07:07

Description

Uebimiau Webmail 3.2.0-2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database with usernames and password hashes via a direct request for system_admin/admin.ucf.

Related Vulnerabilities