MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Bugs and Requests => Topic started by: Spacedust on 2014-03-03, 14:13:24

Title: Critial security bug in Afterlogic Webmail !
Post by: Spacedust on 2014-03-03, 14:13:24: The data folder must be placed outside /home/kloxo/httpd/webmail !

In other case everyone can read our mails !

Please see the proof:

(http://pics.tinypic.pl/i/00505/2llw52px57ey.jpg)

(http://pics.tinypic.pl/i/00505/q8mjs4tr1pr6.jpg)

(http://files.tinypic.pl/i/00505/ybwcmqnugw9y.jpg)

(http://images.tinypic.pl/i/00505/lh5ne204gwle.jpg)

If you put the data folder outside of /home/kloxo/httpd/webmail then we are safe:

(http://images.tinypic.pl/i/00505/xif3mbq2xazb.jpg)

SMF 2.0.15 | SMF © 2017, Simple Machines