Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-1131
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and previous versions allows remote malicious users to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
Squirrelmail Squirrelmail
1 EDB exploit
7.5
CVSSv2
CVE-2001-1159
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and previous versions do not properly initialize certain PHP variables, which allows remote malicious users to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by usi...
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
7.2
CVSSv2
CVE-2005-0183
ftpfile in the Vacation plugin 0.15 and previous versions for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument.
Squirrelmail Vacation Plugin
6.8
CVSSv2
CVE-2011-2753
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and previous versions allow remote malicious users to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_o...
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.4
Squirrelmail Squirrelmail 1.4.17
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.19
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.3.0
Squirrelmail Squirrelmail 1.0pre1
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.0pre3
Squirrelmail Squirrelmail 0.5pre2
Squirrelmail Squirrelmail 0.5
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.4.2-r2
Squirrelmail Squirrelmail 1.4.2-r5
Squirrelmail Squirrelmail 1.4.2-r4
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 0.3pre2
6.8
CVSSv2
CVE-2009-2964
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and previous versions, and NaSMail prior to 1.7, allow remote malicious users to hijack the authentication of unspecified victims via features such as send message and change preferences, related to...
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.2-r4
Squirrelmail Squirrelmail 1.4.2-r3
Squirrelmail Squirrelmail 1.4.15
Squirrelmail Squirrelmail 1.4.12
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.1.2
Squirrelmail Squirrelmail 1.1.1
Squirrelmail Squirrelmail 1.0.4
6.8
CVSSv2
CVE-2009-1381
The map_yp_alias function in functions/imap_general.php in SquirrelMail prior to 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote malicious users to execute arbitrary commands via shell metacharacters in a username string that is used...
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.6-rc1
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Imap General.php 1.2.2
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
6.8
CVSSv2
CVE-2009-1579
The map_yp_alias function in functions/imap_general.php in SquirrelMail prior to 1.4.18 and NaSMail prior to 1.7 allows remote malicious users to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
Squirrelmail Squirrelmail 1.4.0 Rc2a
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.3.0
Squirrelmail Squirrelmail 1.3.2
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.0pre2
Squirrelmail Squirrelmail 1.0.1
Squirrelmail Squirrelmail 1.0.2
Squirrelmail Squirrelmail 0.1
Squirrelmail Squirrelmail 0.2.1
Squirrelmail Squirrelmail 0.2
Squirrelmail Squirrelmail 1.4.10
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 0.1.1
Squirrelmail Squirrelmail 1.4.16
Squirrelmail Squirrelmail 1.1.3
6.8
CVSSv2
CVE-2007-6348
SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net prior to 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote malicious users to execute arbitrary code.
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.4.12
6.8
CVSSv2
CVE-2006-6142
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 up to and including 1.4.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in (b) compose....
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.7
6.8
CVSSv2
CVE-2004-1036
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and previous versions, and 1.5.1-cvs prior to 23rd October 2004, allows remote malicious users to execute arbitrary web script or HTML.
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Gentoo Linux
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »