Description

Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.

Remediation

References

CVE-2015-5383

Related Vulnerabilities

WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.3.11)

Phusion Passenger Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-12029)

WordPress Plugin BackUpWordPress Unspecified Vulnerability (3.12)

WordPress Plugin Ultimate Appointment Booking & Scheduling Unspecified Vulnerability (1.1.10)

WordPress Plugin Ultimate WP Query Search Filter Cross-Site Scripting (1.0.10)

Severity

High

Classification

CVE-2015-5383 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities