The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover mailbox names by reading /var/log/magicspam/mslog.
References
Link | Resource |
---|---|
http://forums.wizard.ca/viewtopic.php?f=17&t=236760 | Vendor Advisory |
https://www.vulnerability-lab.com/get_content.php?id=2113 | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-01-14 04:29
Updated : 2024-02-28 16:04
NVD link : CVE-2018-5693
Mitre link : CVE-2018-5693
CVE.ORG link : CVE-2018-5693
JSON object : View
Products Affected
linuxmagic
- magicspam
CWE
CWE-532
Insertion of Sensitive Information into Log File