Calacode : Security Vulnerabilities, CVEs, (Bypass)
Calacode @Mail 5.41 on Linux does not require administrative authentication for build-plesk-upgrade.php, which allows remote attackers to obtain sensitive information by creating and downloading a backup archive of the entire @Mail directory tree. NOTE: this can be leveraged for remote exploitation of CVE-2008-3395. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.8
EPSS Score
0.30%
Published
2008-08-10
Updated
2017-08-08
1 vulnerabilities found