VULHUB ™

SLWebmail has been reported prone to a file disclosure vulnerability. The issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters to the ShowGodLog.DLL library. Reportedly, by supplying an arbitrary filename, an attacker may exploit this vulnerability to disclose the contents of any anonymous Internet account readable file in the attacker's browser.

SLWebmail has been reported prone to a file disclosure vulnerability. The issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters to the ShowGodLog.DLL library. Reportedly, by supplying an arbitrary filename, an attacker may exploit this vulnerability to disclose the contents of any anonymous Internet account readable file in the attacker's browser.