https://www.exploit-db.com/exploits/19914
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200005-054

TheEMURLweb-basedemailaccount软件在用户会话URLs编码标识符可预测，存在漏洞，远程攻击者可以利用这个漏洞访问用户email账户。

source: http://www.securityfocus.com/bid/1203/info

Emurl software creates a unique identifier for each user, based on their account name. This identifier is encoded using the ascii value of each character in the account name and augmented by its position. By using a specific URL along with a user's identifier, it is possible to retreive that users e-mail as well as view and change their account settings.

To read email:
http://target/scripts/emurl/RECMAN.dll?TYPE=RECIEVEMAIL&USER=<identifier>

To view/modify account settings:
http://target/scripts/emurl/MAKEHTML_M.dll?TYPE=USER&USER=<identifier>

来源:BID
名称:1203
链接:http://www.securityfocus.com/bid/1203
来源:BUGTRAQ
名称:20000515VulnerabilityinEMURL-basede-mailproviders
链接:http://archives.neohapsis.com/archives/bugtraq/2000-05/0160.html