Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roundcube webmail - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5620
RoundCube Webmail (roundcubemail) prior to 0.2-beta allows remote malicious users to cause a denial of service (memory consumption) via crafted size parameters that are used to create a large quota image.
Roundcube Webmail 0.1
Roundcube Webmail 0.1.1
Roundcube Webmail 0.2
Roundcube Webmail
6.1
CVSSv3
CVE-2015-8864
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 1.0.9 and 1.1.x prior to 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Roundcube Roundcube Webmail 1.1.3
Roundcube Roundcube Webmail 1.1.2
Roundcube Roundcube Webmail 1.1.1
Roundcube Webmail
Roundcube Webmail 1.1
Roundcube Webmail 1.1.4
6.1
CVSSv3
CVE-2016-4068
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 1.0.9 and 1.1.x prior to 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Roundcube Roundcube Webmail 1.1.3
Roundcube Roundcube Webmail 1.1.2
Roundcube Roundcube Webmail 1.1.1
Roundcube Webmail
Roundcube Webmail 1.1
Roundcube Webmail 1.1.4
6.1
CVSSv3
CVE-2015-8793
Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube prior to 1.0.6 and 1.1.x prior to 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the _mbox parameter in a mail task to the default URL, a different vulnerability th...
Roundcube Webmail 1.1.0
Roundcube Webmail 1.1.1
Roundcube Webmail
NA
CVE-2015-8105
Cross-site scripting (XSS) vulnerability in program/js/app.js in Roundcube webmail prior to 1.0.7 and 1.1.x prior to 1.1.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name in a drag-n-drop file upload.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Roundcube Webmail
Roundcube Webmail 1.1.0
Roundcube Webmail 1.1.2
Roundcube Webmail 1.1.1
6.1
CVSSv3
CVE-2015-5381
Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x prior to 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the _mbox parameter to the default URI.
Roundcube Roundcube Webmail 1.1.1
Roundcube Webmail 1.1
7.5
CVSSv3
CVE-2015-5383
Roundcube Webmail 1.1.x prior to 1.1.2 allows remote malicious users to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory.
Roundcube Roundcube Webmail 1.1.1
Roundcube Webmail 1.1
NA
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
7.5
CVSSv3
CVE-2018-19205
Roundcube prior to 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for malicious users to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.
Roundcube Webmail
8.8
CVSSv3
CVE-2017-8114
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions prior to 1.0.11, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.
Roundcube Webmail
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »