Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-14950
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via a "<svg><a xlink:href=" attack.
Squirrelmail Squirrelmail
6.1
CVSSv3
CVE-2018-14953
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via a "<math xlink:href=" attack.
Squirrelmail Squirrelmail
6.1
CVSSv3
CVE-2018-14951
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via a "<form action='data:text" attack.
Squirrelmail Squirrelmail
6.1
CVSSv3
CVE-2018-14952
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via a "<math><maction xlink:href=" attack.
Squirrelmail Squirrelmail
6.1
CVSSv3
CVE-2018-14954
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via the formaction attribute.
Squirrelmail Squirrelmail
6.1
CVSSv3
CVE-2018-14955
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via SVG animations (animate to attribute).
Squirrelmail Squirrelmail
NA
CVE-2017-5181
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7692. Reason: This candidate is a reservation duplicate of CVE-2017-7692. Notes: All CVE users should reference CVE-2017-7692 instead of this candidate. All references and descriptions in this candidate have ...
1 Article
NA
CVE-2012-2124
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with diff...
Redhat Enterprise Linux 4
Squirrelmail Squirrelmail -
Redhat Enterprise Linux 5
NA
CVE-2012-0323
Cross-site scripting (XSS) vulnerability in the Autocomplete plugin prior to 3.0 for SquirrelMail allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Paul Lesniewsk Autocomplete
Paul Lesniewsk Autocomplete 1.0
Paul Lesniewsk Autocomplete 1.1
Paul Lesniewsk Autocomplete 1.2
Paul Lesniewsk Autocomplete 1.3
Paul Lesniewsk Autocomplete 2.0
NA
CVE-2011-2753
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and previous versions allow remote malicious users to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_o...
Squirrelmail Squirrelmail 1.3.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.0.6
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 0.3
Squirrelmail Squirrelmail 0.4pre2
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.1.0
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 0.3.1
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 0.1.2
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.13
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.9a
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »