Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code execution vulnerability. Every application that stores attachments with Attachment::save() without providing a $filename or passing unsanitized user input is affected by this attack. An attacker can send …