Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.0.5 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2001-1159
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and previous versions do not properly initialize certain PHP variables, which allows remote malicious users to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by usi...
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
685
VMScore
CVE-2004-0519
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote malicious users to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
1 EDB exploit
890
VMScore
CVE-2004-0521
SQL injection vulnerability in SquirrelMail prior to 1.4.3 RC1 allows remote malicious users to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
668
VMScore
CVE-2005-0103
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail prior to 1.4.4 allows remote malicious users to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code.
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
445
VMScore
CVE-2005-0075
prefs.php in SquirrelMail prior to 1.4.4, with register_globals enabled, allows remote malicious users to inject local code into the SquirrelMail code via custom preference handlers.
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
435
VMScore
CVE-2005-2095
options_identities.php in SquirrelMail 1.4.4 and previous versions uses the extract function to process the $_POST variable, which allows remote malicious users to modify or read the preferences of other users, conduct cross-site scripting XSS) attacks, and write arbitrary files.
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
1 EDB exploit
383
VMScore
CVE-2005-0104
Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail prior to 1.4.4 allows remote malicious users to inject arbitrary web script or HTML via certain integer variables.
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.0
605
VMScore
CVE-2004-1036
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and previous versions, and 1.5.1-cvs prior to 23rd October 2004, allows remote malicious users to execute arbitrary web script or HTML.
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Gentoo Linux
755
VMScore
CVE-2006-2842
PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and previous versions, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE...
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.4
1 EDB exploit
1 Github repository
383
VMScore
CVE-2009-1578
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_heade...
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.3
Squirrelmail Squirrelmail 1.0
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 0.4pre1
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.4.0 Rc1
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »