Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2008-3663
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote malicious users to capture this cookie.
Squirrelmail Squirrelmail 1.4.15
490
VMScore
CVE-2006-4169
Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev prior to 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help.php or (2) gpg_help_ba...
Squirrelmail Gpg Plugin 2.0
Squirrelmail Gpg Plugin 2.1 Dev
668
VMScore
CVE-2007-3778
The G/PGP (GPG) Plugin 2.0, and 2.1dev prior to 20060912, for Squirrelmail allows remote malicious users to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter ...
Squirrelmail Gpg Plugin 2.1 Dev
Squirrelmail Gpg Plugin 2.0
668
VMScore
CVE-2005-0239
viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows remote malicious users to execute arbitrary commands via shell metacharacters in the cert parameter.
Squirrelmail S Mime Plugin 0.4
Squirrelmail S Mime Plugin 0.5
435
VMScore
CVE-2005-3128
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote malicious users to inject arbitrary web script or HTML via the IMG tag.
Squirrelmail Address Add Plugin 1.9
Squirrelmail Address Add Plugin 2.0
1 EDB exploit
445
VMScore
CVE-2012-2124
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote malicious users to cause a denial of service (disk consumption) by making many IMAP login attempts with diff...
Redhat Enterprise Linux 4
Squirrelmail Squirrelmail -
Redhat Enterprise Linux 5
578
VMScore
CVE-2018-8741
A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated malicious user to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.
Squirrelmail Squirrelmail 1.4.22
Debian Debian Linux 8.0
Debian Debian Linux 7.0
940
VMScore
CVE-2005-1924
The G/PGP (GPG) Plugin 2.1 and previous versions for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_te...
Squirrelmail Gpg Plugin
2 EDB exploits
578
VMScore
CVE-2007-3634
Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpg_sign_attachment function, aka ZD-00000004. this informa...
Squirrelmail Gpg Plugin 2.0
641
VMScore
CVE-2005-0183
ftpfile in the Vacation plugin 0.15 and previous versions for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument.
Squirrelmail Vacation Plugin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »