Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.4.15 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3663
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote malicious users to capture this cookie.
Squirrelmail Squirrelmail 1.4.15
NA
CVE-2010-2813
functions/imap_general.php in SquirrelMail prior to 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creat...
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.5 Rc1
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.15 Rc1
Squirrelmail Squirrelmail 1.4.2-r5
Squirrelmail Squirrelmail 1.4.4
NA
CVE-2009-1578
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_heade...
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.4.16
NA
CVE-2009-1579
The map_yp_alias function in functions/imap_general.php in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allows remote malicious users to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.4.16
NA
CVE-2009-1581
functions/mime.php in SquirrelMail prior to 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote malicious users to spoof the user interface, and conduct cross-site scripting (XSS) and ph...
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.4.16
NA
CVE-2008-2379
Cross-site scripting (XSS) vulnerability in SquirrelMail prior to 1.4.17 allows remote malicious users to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.4.5 Rc1
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.3 Rc1
NA
CVE-2009-2964
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and previous versions, and NaSMail prior to 1.7, allow remote malicious users to hijack the authentication of unspecified victims via features such as send message and change preferences, related to...
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.5 Rc1
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.2.6-rc1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.7
NA
CVE-2009-1580
Session fixation vulnerability in SquirrelMail prior to 1.4.18 allows remote malicious users to hijack web sessions via a crafted cookie.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 1.4.15
NA
CVE-2011-2023
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
NA
CVE-2011-2752
CRLF injection vulnerability in SquirrelMail 1.4.21 and previous versions allows remote malicious users to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555.
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »