Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
roundcube webmail 1.2.5 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2017-16651
Roundcube Webmail prior to 1.1.10, 1.2.x prior to 1.2.7, and 1.3.x prior to 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at th...
Roundcube Webmail 1.3.0
Roundcube Webmail 1.2.5
Roundcube Webmail
Roundcube Webmail 1.3.2
Roundcube Webmail 1.2.3
Roundcube Webmail 1.2.2
Roundcube Webmail 1.2.1
Roundcube Webmail 1.2.0
Roundcube Webmail 1.3.1
Roundcube Webmail 1.2.6
Roundcube Webmail 1.2.4
Debian Debian Linux 9.0
Debian Debian Linux 7.0
2 Github repositories
6.5
CVSSv2
CVE-2017-8114
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions prior to 1.0.11, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.
Roundcube Webmail
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started