Open Webmail : Security Vulnerabilities, CVEs, Published In 2002 (Information Leak)

CVE-2002-2410

openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks and obtain certain configuration and version information.
Max CVSS
5.0
EPSS Score
0.29%
Published
2002-12-31
Updated
2008-09-05
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close