Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roundcube webmail 0.5.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-2937
Cross-site scripting (XSS) vulnerability in the UI messages functionality in Roundcube Webmail prior to 0.5.4 allows remote malicious users to inject arbitrary web script or HTML via the _mbox parameter to the default URI.
Roundcube Webmail 0.5.2
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.2
Roundcube Webmail 0.4.2
Roundcube Webmail 0.5.1
Roundcube Webmail 0.1.1
Roundcube Webmail 0.4.1
Roundcube Webmail 0.3.1
Roundcube Webmail 0.2.1
NA
CVE-2011-4078
include/iniset.php in Roundcube Webmail 0.5.4 and previous versions, when PHP 5.3.7 or 5.3.8 is used, allows remote malicious users to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containin...
Roundcube Webmail
Roundcube Webmail 0.1
Roundcube Webmail 0.1.1
Roundcube Webmail 0.2
Roundcube Webmail 0.2.1
Roundcube Webmail 0.3
Roundcube Webmail 0.3.1
Roundcube Webmail 0.4
Roundcube Webmail 0.4.1
Roundcube Webmail 0.4.2
Roundcube Webmail 0.5
Roundcube Webmail 0.5.1
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.3
NA
CVE-2012-1253
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 0.7, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via vectors involving an embedded image attachment.
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.2
Roundcube Webmail 0.4.2
Roundcube Webmail 0.5.1
Roundcube Webmail 0.2.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.4.1
Roundcube Webmail 0.5.3
Roundcube Webmail 0.3.1
Roundcube Webmail 0.2.1
Roundcube Webmail
NA
CVE-2012-3507
Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail prior to 0.8.0, when using the Larry skin, allows remote malicious users to inject arbitrary web script or HTML via the email message subject.
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.2
Roundcube Webmail 0.7
Roundcube Webmail 0.4.2
Roundcube Webmail 0.5.1
Roundcube Webmail 0.7.2
Roundcube Webmail 0.6
Roundcube Webmail 0.2.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.4.1
Roundcube Webmail 0.7.1
Roundcube Webmail 0.5.3
Roundcube Webmail 0.3.1
Roundcube Webmail 0.2.1
Roundcube Webmail
NA
CVE-2012-4668
Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the signature in an email.
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.2
Roundcube Webmail 0.7
Roundcube Webmail 0.4.2
Roundcube Webmail 0.8.0
Roundcube Webmail 0.5.1
Roundcube Webmail 0.7.2
Roundcube Webmail 0.6
Roundcube Webmail 0.2.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.7.3
Roundcube Webmail 0.4.1
Roundcube Webmail 0.7.1
Roundcube Webmail 0.5.3
Roundcube Webmail 0.3.1
Roundcube Webmail 0.2.1
1 EDB exploit
NA
CVE-2012-6121
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 0.8.5 allows remote malicious users to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.8.3
Roundcube Webmail 0.2
Roundcube Webmail 0.8.1
Roundcube Webmail 0.7
Roundcube Webmail 0.4.2
Roundcube Webmail 0.8.0
Roundcube Webmail 0.8.2
Roundcube Webmail
Roundcube Webmail 0.5.1
Roundcube Webmail 0.7.2
Roundcube Webmail 0.6
Roundcube Webmail 0.2.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.7.3
Roundcube Webmail 0.4.1
Roundcube Webmail 0.7.1
NA
CVE-2013-1904
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail prior to 0.7.3 and 0.8.x prior to 0.8.6 allows remote malicious users to read arbitrary files via a full pathname in the _value parameter for the generic_message_footer setting in a save-perf ac...
Roundcube Webmail 0.5.2
Roundcube Webmail
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail 0.8.5
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.8.3
Roundcube Webmail 0.2
Roundcube Webmail 0.8.1
Roundcube Webmail 0.7
Roundcube Webmail 0.4.2
Roundcube Webmail 0.8.0
Roundcube Webmail 0.8.2
Roundcube Webmail 0.5.1
Roundcube Webmail 0.6
Roundcube Webmail 0.2.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.4.1
Roundcube Webmail 0.7.1
Roundcube Webmail 0.5.3
NA
CVE-2013-5645
Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail prior to 0.9.3 allow user-assisted remote malicious users to inject arbitrary web script or HTML via the body of a message visited in (1) new or (2) draft mode, related to compose.inc; and (3) might allow re...
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail 0.9
Roundcube Webmail 0.8.5
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.8.3
Roundcube Webmail 0.2
Roundcube Webmail 0.8.6
Roundcube Webmail 0.9.1
Roundcube Webmail 0.8.1
Roundcube Webmail
Roundcube Webmail 0.7
Roundcube Webmail 0.4.2
Roundcube Webmail 0.8.0
Roundcube Webmail 0.8.2
Roundcube Webmail 0.5.1
Roundcube Webmail 0.7.2
Roundcube Webmail 0.6
Roundcube Webmail 0.2.2
NA
CVE-2013-6172
steps/utils/save_pref.inc in Roundcube webmail prior to 0.8.7 and 0.9.x prior to 0.9.5 allows remote malicious users to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary c...
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.4
Roundcube Webmail 0.1
Roundcube Webmail 0.4
Roundcube Webmail 0.9
Roundcube Webmail 0.9.4
Roundcube Webmail 0.8.5
Roundcube Webmail 0.3
Roundcube Webmail 0.5
Roundcube Webmail 0.8.3
Roundcube Webmail 0.2
Roundcube Webmail 0.9.1
Roundcube Webmail 0.8.1
Roundcube Webmail 0.7
Roundcube Webmail
Roundcube Webmail 0.4.2
Roundcube Webmail 0.9.2
Roundcube Webmail 0.8.0
Roundcube Webmail 0.8.2
Roundcube Webmail 0.5.1
Roundcube Webmail 0.7.2
Roundcube Webmail 0.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started