CVE-2008-4932
U-Mail Webmail Server 4.91 - Arbitrary File Write via Filesystem Module Path Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-4932. PoCs published by Shennan Wang.
AI-analyzed exploit summary
This exploit leverages an input validation error in U-Mail Webmail's 'edit.php' to write arbitrary files via a malicious HTTP POST request. The payload includes PHP code that executes system commands via $_GET[cmd], enabling remote code execution (RCE).
Description
webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web document root.