Exploitation Summary
EIP tracks 1 public exploit for CVE-2002-2165. PoCs published by Security Bugware.
AI-analyzed exploit summary This writeup describes an information leakage vulnerability in IMHO Roxen webmail where the REFERER header is exposed, potentially allowing session hijacking. The attacker must first authenticate, log out, and then access a specific error URL to leak the REFERER.
Description
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
Exploits (1)
This writeup describes an information leakage vulnerability in IMHO Roxen webmail where the REFERER header is exposed, potentially allowing session hijacking. The attacker must first authenticate, log out, and then access a specific error URL to leak the REFERER.