CVE-2006-1031

Igenus Webmail - Code Injection

Title source: rule
STIX 2.1

Description

config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by rgod · perlwebappsphp
https://www.exploit-db.com/exploits/1527

References (6)

Scores

EPSS 0.0531
EPSS Percentile 90.1%

Details

CWE
CWE-94
Status published
Products (3)
igenus/igenus_webmail 2.0
igenus/igenus_webmail 2.01
igenus/igenus_webmail 2.02
Published Mar 07, 2006
Tracked Since Feb 18, 2026