Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
squirrelmail squirrelmail 1.2.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2086
Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail prior to 1.2.6 allow remote malicious users to inject arbitrary web script or HTML via (1) "<<script" in unspecified input fields or (2) a javascript: URL in the src attribute of an I...
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.2
1 Github repository
NA
CVE-2002-0516
SquirrelMail 1.2.5 and previous versions allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.4
1 EDB exploit
NA
CVE-2009-1381
The map_yp_alias function in functions/imap_general.php in SquirrelMail prior to 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote malicious users to execute arbitrary commands via shell metacharacters in a username string that is used...
Squirrelmail Squirrelmail 1.4.0-r1
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.6-rc1
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Imap General.php 1.2.2
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.11
NA
CVE-2004-0519
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote malicious users to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
1 EDB exploit
NA
CVE-2004-0521
SQL injection vulnerability in SquirrelMail prior to 1.4.3 RC1 allows remote malicious users to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Sgi Propack 3.0
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
NA
CVE-2005-0103
PHP remote file inclusion vulnerability in webmail.php in SquirrelMail prior to 1.4.4 allows remote malicious users to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code.
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
NA
CVE-2005-0075
prefs.php in SquirrelMail prior to 1.4.4, with register_globals enabled, allows remote malicious users to inject local code into the SquirrelMail code via custom preference handlers.
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
NA
CVE-2005-2095
options_identities.php in SquirrelMail 1.4.4 and previous versions uses the extract function to process the $_POST variable, which allows remote malicious users to modify or read the preferences of other users, conduct cross-site scripting XSS) attacks, and write arbitrary files.
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.0
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
1 EDB exploit
NA
CVE-2005-0104
Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail prior to 1.4.4 allows remote malicious users to inject arbitrary web script or HTML via certain integer variables.
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.44
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2.0
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.4.0
NA
CVE-2004-1036
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and previous versions, and 1.5.1-cvs prior to 23rd October 2004, allows remote malicious users to execute arbitrary web script or HTML.
Squirrelmail Squirrelmail 1.2.11
Squirrelmail Squirrelmail 1.2.2
Squirrelmail Squirrelmail 1.2.9
Squirrelmail Squirrelmail 1.4
Squirrelmail Squirrelmail 1.2.1
Squirrelmail Squirrelmail 1.2.10
Squirrelmail Squirrelmail 1.2.7
Squirrelmail Squirrelmail 1.2.8
Squirrelmail Squirrelmail 1.5 Dev
Squirrelmail Squirrelmail 1.0.5
Squirrelmail Squirrelmail 1.2
Squirrelmail Squirrelmail 1.2.5
Squirrelmail Squirrelmail 1.2.6
Squirrelmail Squirrelmail 1.4.3 Rc1
Squirrelmail Squirrelmail 1.4.3a
Squirrelmail Squirrelmail 1.0.4
Squirrelmail Squirrelmail 1.2.3
Squirrelmail Squirrelmail 1.2.4
Squirrelmail Squirrelmail 1.4.1
Squirrelmail Squirrelmail 1.4.2
Squirrelmail Squirrelmail 1.4.3
Gentoo Linux
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »