Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.4.20 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2010-1637
The Mail Fetch plugin in SquirrelMail 1.4.20 and previous versions allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.
Squirrelmail Squirrelmail
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Apple Mac Os X Server
Apple Mac Os X
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
1 Github repository
NA
CVE-2011-2753
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and previous versions allow remote malicious users to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_o...
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.3.0
Squirrelmail Squirrelmail 1.0pre1
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.0pre3
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 0.5
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.4.2-r2
Squirrelmail Squirrelmail 1.4.2-r5
Squirrelmail Squirrelmail 1.4.2-r4
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 0.3pre2
NA
CVE-2011-2752
CRLF injection vulnerability in SquirrelMail 1.4.21 and previous versions allows remote malicious users to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555.
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.3
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 0.5pre1
Squirrelmail Squirrelmail 1.4.20
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.2-r1
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.15
NA
CVE-2010-4555
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.21 and previous versions allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) drop-down selection lists, (2) the > (greater than) character in the SquirrelSpell spe...
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail 1.4.15rc1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.3
Squirrelmail Squirrelmail 1.0.3
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.4.20
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.2-r1
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.9a
NA
CVE-2011-2023
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail prior to 1.4.22 allows remote malicious users to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.
Squirrelmail Squirrelmail 0.2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.18
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 0.1.1
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.3pre2
NA
CVE-2010-4554
functions/page_header.php in SquirrelMail 1.4.21 and previous versions does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site.
Squirrelmail Squirrelmail 0.3pre2
Squirrelmail Squirrelmail 0.3pre1
Squirrelmail Squirrelmail 1.4.15rc1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.18
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.8.4fc6
Squirrelmail Squirrelmail 1.4.3a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started