Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2086
Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail prior to 1.2.6 allow remote malicious users to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an I...
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.5
1 Github repository
NA
CVE-2002-0516
SquirrelMail 1.2.5 and previous versions allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.5
1 EDB exploit
NA
CVE-2004-0519
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote malicious users to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
1 EDB exploit
NA
CVE-2004-0521
SQL injection vulnerability in SquirrelMail prior to 1.4.3 RC1 allows remote malicious users to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
NA
CVE-2005-0075
prefs.php in SquirrelMail prior to 1.4.4, with register_globals enabled, allows remote malicious users to inject local code into the SquirrelMail code via custom preference handlers.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
NA
CVE-2005-0104
Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail prior to 1.4.4 allows remote malicious users to inject arbitrary web script or HTML via certain integer variables.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
NA
CVE-2005-2095
options_identities.php in SquirrelMail 1.4.4 and previous versions uses the extract function to process the $_POST variable, which allows remote malicious users to modify or read the preferences of other users, conduct cross-site scripting XSS) attacks, and write arbitrary files.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
1 EDB exploit
NA
CVE-2005-0103
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail prior to 1.4.4 allows remote malicious users to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
NA
CVE-2009-1578
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_heade...
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.4.16
NA
CVE-2009-1579
The map_yp_alias function in functions/imap_general.php in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allows remote malicious users to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.4.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »