Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.4.6 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2006-3665
SquirrelMail 1.4.6 and previous versions, with register_globals enabled, allows remote malicious users to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated with XSS, the vendor disclosure is too vague to be certa...
Squirrelmail Squirrelmail 1.4.6
605
VMScore
CVE-2006-6142
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 up to and including 1.4.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in (b) compose....
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.7
645
VMScore
CVE-2006-4019
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote malicious users to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.44
1 EDB exploit
383
VMScore
CVE-2007-1262
Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 up to and including 1.4.9a allow remote malicious users to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets t...
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.9a
445
VMScore
CVE-2007-2589
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 up to and including 1.4.9a allows remote malicious users to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.9a
445
VMScore
CVE-2010-2813
functions/imap_general.php in SquirrelMail prior to 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creat...
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.4.0 Rc1
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.9a
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.18
Squirrelmail Squirrelmail 1.4.5 Rc1
Squirrelmail Squirrelmail 1.4.15 Rc1
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.2-r2
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.3aa
383
VMScore
CVE-2008-2379
Cross-site scripting (XSS) vulnerability in SquirrelMail prior to 1.4.17 allows remote malicious users to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 1.0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.1.1
Squirrelmail Squirrelmail
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.5 Rc1
516
VMScore
CVE-2009-1580
Session fixation vulnerability in SquirrelMail prior to 1.4.18 allows remote malicious users to hijack web sessions via a crafted cookie.
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.0pre3
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 0.5
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
383
VMScore
CVE-2011-2023
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.
Squirrelmail Squirrelmail 0.2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.18
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 0.1.1
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.3pre2
516
VMScore
CVE-2011-2752
CRLF injection vulnerability in SquirrelMail 1.4.21 and previous versions allows remote malicious users to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555.
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.3
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 0.5pre1
Squirrelmail Squirrelmail 1.4.20
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.2-r1
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.15
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »