VYPR
← All vendors
Vendor

NaSMail

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2009-2964Aug 25, 2009
    SquirrelMail
    Squirrelmail
    risk 0.00cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1)…

  • CVE-2009-1579May 14, 2009
    SquirrelMail
    Squirrelmail
    risk 0.00cvss epss 0.04

    The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.

  • CVE-2009-1578May 14, 2009
    SquirrelMail
    Squirrelmail
    risk 0.00cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_headers.php;…