Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.2 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2002-0516
SquirrelMail 1.2.5 and previous versions allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.4
1 EDB exploit
6.8
CVSSv2
CVE-2004-1036
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and previous versions, and 1.5.1-cvs prior to 23rd October 2004, allows remote malicious users to execute arbitrary web script or HTML.
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Gentoo Linux
6.8
CVSSv2
CVE-2004-0639
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and previous versions allow remote malicious users to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly ...
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.32
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3 Rc1
Open Webmail Open Webmail 2.30
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2009-1581
functions/mime.php in SquirrelMail prior to 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote malicious users to spoof the user interface, and conduct cross-site scripting (XSS) and ph...
Squirrelmail Squirrelmail 1.4.15 Rc1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.3.2
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.0 Rc3
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 1.0.3
Squirrelmail Squirrelmail 0.2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.4.0 Rc1
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.3
4.3
CVSSv2
CVE-2009-1578
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_heade...
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.3
Squirrelmail Squirrelmail 1.0
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 0.4pre1
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.4.0 Rc1
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.10
6.8
CVSSv2
CVE-2009-1579
The map_yp_alias function in functions/imap_general.php in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allows remote malicious users to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
Squirrelmail Squirrelmail 1.4.0 Rc2a
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.3.0
Squirrelmail Squirrelmail 1.3.2
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 0.2
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 0.1.1
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.1.3
5.8
CVSSv2
CVE-2009-1580
Session fixation vulnerability in SquirrelMail prior to 1.4.18 allows remote malicious users to hijack web sessions via a crafted cookie.
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.0pre3
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 0.5
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
6.8
CVSSv2
CVE-2011-2753
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and previous versions allow remote malicious users to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_o...
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.3.0
Squirrelmail Squirrelmail 1.0pre1
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.0pre3
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 0.5
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.4.2-r2
Squirrelmail Squirrelmail 1.4.2-r5
Squirrelmail Squirrelmail 1.4.2-r4
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 0.3pre2
4.3
CVSSv2
CVE-2010-4554
functions/page_header.php in SquirrelMail 1.4.21 and previous versions does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site.
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail 1.4.15rc1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.18
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.8.4fc6
Squirrelmail Squirrelmail 1.4.3a
4.3
CVSSv2
CVE-2010-4555
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.21 and previous versions allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) drop-down selection lists, (2) the > (greater than) character in the SquirrelSpell spe...
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail 1.4.15rc1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.3
Squirrelmail Squirrelmail 1.0.3
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.4.20
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.2-r1
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.9a
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »