SquirrelMail 1.2.5 and previous versions allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squirrelmail squirrelmail 1.2.0 |
||
squirrelmail squirrelmail 1.2.1 |
||
squirrelmail squirrelmail 1.2.2 |
||
squirrelmail squirrelmail 1.2.3 |
||
squirrelmail squirrelmail 1.2.5 |
||
squirrelmail squirrelmail 1.2.4 |