Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote malicious users to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squirrelmail squirrelmail 1.4.3 |
||
squirrelmail squirrelmail 1.4.3_r3 |
||
squirrelmail squirrelmail 1.4.7 |
||
squirrelmail squirrelmail 1.4_rc1 |
||
squirrelmail squirrelmail 1.4.0 |
||
squirrelmail squirrelmail 1.4.4_rc1 |
||
squirrelmail squirrelmail 1.4.5 |
||
squirrelmail squirrelmail 1.4.1 |
||
squirrelmail squirrelmail 1.4.2 |
||
squirrelmail squirrelmail 1.4.6 |
||
squirrelmail squirrelmail 1.4.6_rc1 |
||
squirrelmail squirrelmail 1.4.3_rc1 |
||
squirrelmail squirrelmail 1.4.3a |
||
squirrelmail squirrelmail 1.4.4 |
||
squirrelmail squirrelmail 1.44 |