Intrusion Prevention

HiveMail.Multiple.Scripts.PHP.File.Inclusion

Description

HiveMail has multiple remote eval injection vulnerabilities. A remote attacker could execute arbitrary scripts on the web server with the privileges of the server via a specially-crafted URL request to multiple script files.

Affected Products

HiveMail version 1.3 and prior.

Impact

Gain Access.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://www.hivemail.com/

CVE References

CVE-2006-0757