2006-03-07 11:00:00
mitre
PUBLISHED
config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter.