Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2017-5181

Published: 20/04/2017 Updated: 07/11/2023

Vulnerability Summary

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-7692. Reason: This candidate is a reservation duplicate of CVE-2017-7692. Notes: All CVE users should reference CVE-2017-7692 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Recent Articles

Alert: If you're running SquirrelMail, Sendmail... why? And oh yeah, remote code vuln found
The Register • John Leyden • 24 Apr 2017

This is nuts

Updated Security researchers have uncovered a critical security hole in SquirrelMail, the open-source webmail project. Filippo Cavallarin and Dawid Golunski independently discovered a remote code execution hole in SquirrelMail version 1.4.22 and likely prior. That's the latest version, by the way, and is dated July 2011. The bug is a classic failure to sanitize user input, a shortcoming that makes it possible for authenticated attackers to execute arbitrary and malicious shell commands on a remo...

Read more...

References

https://nvd.nist.govhttps://www.theregister.co.uk/2017/04/24/squirrelmail_vuln/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook