Insecure Password Validation in Extremail 1.5.9 Allows Remote Privilege Escalation

Insecure Password Validation in Extremail 1.5.9 Allows Remote Privilege Escalation

CVE-2004-0332 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges.

Learn more about our Web Application Penetration Testing UK.