Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-1650
The spell checker plugin (check_me.mod.php) for SquirrelMail prior to 1.2.3 allows remote malicious users to execute arbitrary commands via a modified sqspell_command parameter.
Squirrelmail Squirrelmail 1.2.2
490
VMScore
CVE-2006-4169
Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev prior to 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help.php or (2) gpg_help_ba...
Squirrelmail Gpg Plugin 2.0
Squirrelmail Gpg Plugin 2.1 Dev
668
VMScore
CVE-2007-3778
The G/PGP (GPG) Plugin 2.0, and 2.1dev prior to 20060912, for Squirrelmail allows remote malicious users to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter ...
Squirrelmail Gpg Plugin 2.1 Dev
Squirrelmail Gpg Plugin 2.0
668
VMScore
CVE-2005-0239
viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows remote malicious users to execute arbitrary commands via shell metacharacters in the cert parameter.
Squirrelmail S Mime Plugin 0.4
Squirrelmail S Mime Plugin 0.5
435
VMScore
CVE-2005-3128
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote malicious users to inject arbitrary web script or HTML via the IMG tag.
Squirrelmail Address Add Plugin 1.9
Squirrelmail Address Add Plugin 2.0
1 EDB exploit
445
VMScore
CVE-2012-2124
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with diff...
Redhat Enterprise Linux 4
Squirrelmail Squirrelmail -
Redhat Enterprise Linux 5
578
VMScore
CVE-2018-8741
A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated malicious user to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.
Squirrelmail Squirrelmail 1.4.22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
641
VMScore
CVE-2005-0183
ftpfile in the Vacation plugin 0.15 and previous versions for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument.
Squirrelmail Vacation Plugin
578
VMScore
CVE-2007-3634
Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpg_sign_attachment function, aka ZD-00000004. this informa...
Squirrelmail Gpg Plugin 2.0
940
VMScore
CVE-2005-1924
The G/PGP (GPG) Plugin 2.1 and previous versions for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_te...
Squirrelmail Gpg Plugin
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »