VULHUB ™

A remote command execution vulnerability has been discovered in vpopmail-CGIApps v0.2. Due to insufficient sanitization of user domain form field, it is possible to insert malicious commands into the field, which later get executed by the system. Exploiting this issue allows a remote attacker to execute arbitrary system commands with the permissions of the mail server.

A remote command execution vulnerability has been discovered in vpopmail-CGIApps v0.2. Due to insufficient sanitization of user domain form field, it is possible to insert malicious commands into the field, which later get executed by the system. Exploiting this issue allows a remote attacker to execute arbitrary system commands with the permissions of the mail server.