CVE-2006-3566 Information

Description

search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters.

Reference

http://pridels0.blogspot.com/2006/07/hivemail-vuln.html http://securitytracker.com/id?1016531 http://www.osvdb.org/27104 https://exchange.xforce.ibmcloud.com/vulnerabilities/27696