https://www.exploit-db.com/exploits/23809
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-564

EMUWebmail5.2.7版本存在漏洞。远程攻击者可以借助init.emu的HTTP请求获得敏感路径信息（主目录）。

source: http://www.securityfocus.com/bid/9861/info

Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out cross-site scripting attacks and disclose the path to the victim's home directory. The issues are reported to exist in the login script, 'emumail.fcgi' script and the 'init.emu' sample script.

EMU Webmail 5.2.7 has been reported to be affected by these issues.

http://www.example.com/webmail/init.emu

来源:XF
名称:emu-init-path-disclosure(15453)
链接:http://xforce.iss.net/xforce/xfdb/15453
来源:BID
名称:9861
链接:http://www.securityfocus.com/bid/9861
来源:OSVDB
名称:4203
链接:http://www.osvdb.org/4203
来源:SECUNIA
名称:11110
链接:http://secunia.com/advisories/11110
来源:members.lycos.co.uk
链接:http://members.lycos.co.uk/r34ct/main/emu/emu.txt