CVE-2008-4932

CVE-2008-4932 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web document root.

Learn more about our Cis Benchmark Audit For Server Software.