Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roundcube webmail 1.2.5 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2017-16651
Roundcube Webmail prior to 1.1.10, 1.2.x prior to 1.2.7, and 1.3.x prior to 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at th...
Roundcube Webmail 1.3.0
Roundcube Webmail 1.2.5
Roundcube Webmail
Roundcube Webmail 1.3.2
Roundcube Webmail 1.2.3
Roundcube Webmail 1.2.2
Roundcube Webmail 1.2.1
Roundcube Webmail 1.2.0
Roundcube Webmail 1.3.1
Roundcube Webmail 1.2.6
Roundcube Webmail 1.2.4
Debian Debian Linux 9.0
Debian Debian Linux 7.0
2 Github repositories
6.5
CVSSv2
CVE-2017-8114
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions prior to 1.0.11, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.
Roundcube Webmail
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started