Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roundcube webmail vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-4068
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 1.0.9 and 1.1.x prior to 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2015-8864.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Roundcube Roundcube Webmail 1.1.1
Roundcube Webmail 1.1.4
Roundcube Webmail
Roundcube Roundcube Webmail 1.1.2
Roundcube Webmail 1.1
Roundcube Roundcube Webmail 1.1.3
4.3
CVSSv2
CVE-2015-8864
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 1.0.9 and 1.1.x prior to 1.1.5 allows remote malicious users to inject arbitrary web script or HTML via a crafted SVG, a different vulnerability than CVE-2016-4068.
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Roundcube Webmail 1.1
Roundcube Webmail
Roundcube Webmail 1.1.4
Roundcube Roundcube Webmail 1.1.3
Roundcube Roundcube Webmail 1.1.2
Roundcube Roundcube Webmail 1.1.1
4.3
CVSSv2
CVE-2017-6820
rcube_utils.php in Roundcube prior to 1.1.8 and 1.2.x prior to 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets (CSS) token sequence within an SVG element.
Roundcube Webmail
Roundcube Webmail 1.2.3
Roundcube Webmail 1.2.2
Roundcube Webmail 1.2.1
Roundcube Webmail 1.2.0
4.3
CVSSv2
CVE-2016-4552
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via the href attribute in an area tag in an e-mail message.
Roundcube Webmail 1.2
4.3
CVSSv2
CVE-2015-8793
Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube prior to 1.0.6 and 1.1.x prior to 1.1.2 allows remote malicious users to inject arbitrary web script or HTML via the _mbox parameter in a mail task to the default URL, a different vulnerability th...
Roundcube Webmail 1.1.1
Roundcube Webmail
Roundcube Webmail 1.1.0
4.3
CVSSv2
CVE-2015-1433
program/lib/Roundcube/rcube_washtml.php in Roundcube prior to 1.0.5 does not properly quote strings, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via the style attribute in an email.
Roundcube Webmail
Fedoraproject Fedora 21
4.3
CVSSv2
CVE-2013-5645
Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail prior to 0.9.3 allow user-assisted remote malicious users to inject arbitrary web script or HTML via the body of a message visited in (1) new or (2) draft mode, related to compose.inc; and (3) might allow re...
Roundcube Webmail 0.9
Roundcube Webmail 0.7.2
Roundcube Webmail 0.7.1
Roundcube Webmail 0.5
Roundcube Webmail 0.3
Roundcube Webmail 0.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.1
Roundcube Webmail 0.8.3
Roundcube Webmail 0.8.4
Roundcube Webmail 0.8.5
Roundcube Webmail
Roundcube Webmail 0.8.1
Roundcube Webmail 0.5.4
Roundcube Webmail 0.5.3
Roundcube Webmail 0.4
Roundcube Webmail 0.2.1
Roundcube Webmail 0.8.2
Roundcube Webmail 0.9.0
Roundcube Webmail 0.9.1
Roundcube Webmail 0.7
Roundcube Webmail 0.6
4.3
CVSSv2
CVE-2012-6121
Cross-site scripting (XSS) vulnerability in Roundcube Webmail prior to 0.8.5 allows remote malicious users to inject arbitrary web script or HTML via a (1) data:text or (2) vbscript link.
Roundcube Webmail 0.1
Roundcube Webmail 0.2
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.2
Roundcube Webmail 0.3
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5.3
Roundcube Webmail 0.5.4
Roundcube Webmail 0.6
Roundcube Webmail 0.5
Roundcube Webmail 0.5.1
Roundcube Webmail 0.7
Roundcube Webmail 0.7.2
Roundcube Webmail 0.8.0
Roundcube Webmail 0.4
Roundcube Webmail 0.4.1
Roundcube Webmail 0.4.2
Roundcube Webmail 0.8.1
Roundcube Webmail 0.8.2
Roundcube Webmail 0.8.3
Roundcube Webmail
Roundcube Webmail 0.1.1
4.3
CVSSv2
CVE-2012-4668
Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the signature in an email.
Roundcube Webmail 0.8.0
Roundcube Webmail 0.7.2
Roundcube Webmail 0.5.2
Roundcube Webmail 0.5
Roundcube Webmail 0.5.1
Roundcube Webmail 0.4.2
Roundcube Webmail 0.3
Roundcube Webmail 0.2
Roundcube Webmail 0.1.1
Roundcube Webmail 0.1
Roundcube Webmail 0.4.1
Roundcube Webmail 0.4
Roundcube Webmail 0.7.1
Roundcube Webmail 0.7
Roundcube Webmail 0.6
Roundcube Webmail 0.5.4
Roundcube Webmail 0.2.2
Roundcube Webmail
Roundcube Webmail 0.7.3
Roundcube Webmail 0.5.3
Roundcube Webmail 0.3.1
Roundcube Webmail 0.2.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-3508
Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote malicious users to inject arbitrary web script or HTML by using "javascript:" in an href attribute in the body of an HTML-formatted email.
Roundcube Webmail 0.8.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »