The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover mailbox names by reading /var/log/magicspam/mslog.
References
Link | Resource |
---|---|
http://forums.wizard.ca/viewtopic.php?f=17&t=236760 | Vendor Advisory |
https://www.vulnerability-lab.com/get_content.php?id=2113 | Exploit Third Party Advisory |
http://forums.wizard.ca/viewtopic.php?f=17&t=236760 | Vendor Advisory |
https://www.vulnerability-lab.com/get_content.php?id=2113 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:09
Type | Values Removed | Values Added |
---|---|---|
References | () http://forums.wizard.ca/viewtopic.php?f=17&t=236760 - Vendor Advisory | |
References | () https://www.vulnerability-lab.com/get_content.php?id=2113 - Exploit, Third Party Advisory |
Information
Published : 2018-01-14 04:29
Updated : 2024-11-21 04:09
NVD link : CVE-2018-5693
Mitre link : CVE-2018-5693
CVE.ORG link : CVE-2018-5693
JSON object : View
Products Affected
linuxmagic
- magicspam
CWE
CWE-532
Insertion of Sensitive Information into Log File