[原文]help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
V-webmail contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when invalid parameters are passed to the 'help.php' script, which will disclose file system path information resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.