VULHUB ™

WorldClient is a web interface packaged with MDaemon, an email server for Microsoft Windows. An input validation vulnerability exists in WorldClient that allows for an attacker to delete an arbitrary file on the webserver that it resides on. The vulnerability is due to a lack of input validation on the supplied filename for an attachment delete operation.

WorldClient is a web interface packaged with MDaemon, an email server for Microsoft Windows. An input validation vulnerability exists in WorldClient that allows for an attacker to delete an arbitrary file on the webserver that it resides on. The vulnerability is due to a lack of input validation on the supplied filename for an attachment delete operation.