CVE-2023-48381

Name of the Vulnerable Software and Affected Versions Softnext Mail SQR Expert (affected versions not specified)

Description The issue is a Local File Inclusion (LFI) vulnerability in a special URL, allowing an unauthenticated remote attacker to execute arbitrary PHP files with .asp file extension under specific system paths. This can lead to accessing and modifying partial system information without affecting service availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.