Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0516
SquirrelMail 1.2.5 and previous versions allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.4
1 EDB exploit
NA
CVE-2002-2086
Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail prior to 1.2.6 allow remote malicious users to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an I...
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.2
1 Github repository
NA
CVE-2005-1769
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 up to and including 1.4.4 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message.
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
NA
CVE-2002-1341
Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and previous versions allows remote malicious users to insert script and HTML via the (1) mailbox and (2) passed_id parameters.
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.6
NA
CVE-2001-1159
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and previous versions do not properly initialize certain PHP variables, which allows remote malicious users to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by usi...
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
NA
CVE-2007-6348
SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net prior to 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote malicious users to execute arbitrary code.
Squirrelmail Squirrelmail 1.4.11
Squirrelmail Squirrelmail 1.4.12
NA
CVE-2007-3636
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote malicious users to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher.
Squirrelmail Gpg Plugin 2.0
Squirrelmail Squirrelmail 1.4.10a
1 EDB exploit
NA
CVE-2007-3635
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin prior to 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Gpg Plugin 2.0
6.1
CVSSv3
CVE-2018-14950
The mail message display page in SquirrelMail up to and including 1.4.22 has XSS via a "<svg><a xlink:href=" attack.
Squirrelmail Squirrelmail
NA
CVE-2002-1131
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and previous versions allows remote malicious users to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
Squirrelmail Squirrelmail
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »