CVE-2023-48382

Name of the Vulnerable Software and Affected Versions Softnext Mail SQR Expert (affected versions not specified)

Description The issue is related to a Local File Inclusion (LFI) vulnerability in a mail deliver-related URL. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary PHP files with .asp file extension under specific system paths, allowing access and modification of partial system information without affecting service availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.