Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-3635
Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin prior to 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634.
Squirrelmail Squirrelmail 1.4.10a
Squirrelmail Gpg Plugin 2.0
7.5
CVSSv2
CVE-2007-2631
Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and previous versions allows remote malicious users to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648.
Squirrelmail Squirrelmail
4.3
CVSSv2
CVE-2007-1262
Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 up to and including 1.4.9a allow remote malicious users to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets t...
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.9a
5
CVSSv2
CVE-2007-2589
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 up to and including 1.4.9a allows remote malicious users to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4.8
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.9
Squirrelmail Squirrelmail 1.4.9a
6.8
CVSSv2
CVE-2006-6142
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 up to and including 1.4.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in (b) compose....
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.3aa
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.6 Cvs
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.7
6.4
CVSSv2
CVE-2006-4019
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote malicious users to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.7
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.6
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.44
1 EDB exploit
4.3
CVSSv2
CVE-2006-3665
SquirrelMail 1.4.6 and previous versions, with register_globals enabled, allows remote malicious users to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated with XSS, the vendor disclosure is too vague to be certa...
Squirrelmail Squirrelmail 1.4.6
2.6
CVSSv2
CVE-2006-3174
Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and previous versions, when register_globals is enabled, allows remote malicious users to inject arbitrary HTML via the mailbox parameter.
Squirrelmail Squirrelmail
7.5
CVSSv2
CVE-2006-2842
PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and previous versions, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE...
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.4
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2006-0188
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote malicious users to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified ...
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.4.4
Squirrelmail Squirrelmail 1.4.3 R3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.6 Rc1
Squirrelmail Squirrelmail 1.4 Rc1
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.4 Rc1
Squirrelmail Squirrelmail 1.4.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »