Topic: session corruption

Sort by: Relevance | Date
  • 84,000+ Roundcube Servers at Risk from Active Exploit
    June 11, 2025
    80%

    84,000+ Roundcube Servers at Risk from Active Exploit

    A critical vulnerability (CVE-2025-49113) in Roundcube webmail servers (versions 1.1.0–1.6.10) exposes over 84,000 systems to remote code execution due to improper input sanitization in the `$_GET['_from']` parameter. Attackers can exploit the flaw via CSRF, credential scraping, or brute-force te...

    Read More »

Related Topics

Mitigation Strategies (1) roundcube vulnerability cve-2025-49113 (1) php object deserialization (1) remote code execution rce flaw (1) public exploit availability (1) vulnerable roundcube versions (1) geographic distribution vulnerable instances (1) csrf attack potential (1)