The Sambar webserver is running and the 'mailit.pl' cgi is installed. This CGI takes a POST request from any host and sends a mail to a supplied address.
remove it from /cgi-bin.
- OTRS Event Notification Information Disclosure Vulnerability
- MediaWiki 'profileinfo.php' Cross Site Scripting Vulnerability
- OTRS 'AgentTicketZoom' HTML Injection Vulnerability
- NewsPortal 'post.php' Cross Site Scripting Vulnerability
- Bugzilla Group Selection During Bug Creation Information Disclosure Vulnerability