VYPR

SquirrelMail

All CVEs

79 total · sorted by risk
  • CVE-2017-7692 · High · Apr 20, 2017
    risk 0.63 · cvss 8.8 · epss 0.32

    SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server. The…

  • CVE-2018-8741 · High · Mar 17, 2018
    risk 0.58 · cvss 8.8 · epss 0.04

    A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.

  • CVE-2025-30090 · High · Apr 2, 2025
    risk 0.47 · cvss 7.2 · epss 0.00

    mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true.

  • CVE-2010-1637 · Medium · Jun 22, 2010
    risk 0.42 · cvss 6.5 · epss 0.03

    The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

  • CVE-2018-14955 · Medium · Aug 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).

  • CVE-2018-14954 · Medium · Aug 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.02

    The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.

  • CVE-2018-14953 · Medium · Aug 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack.

  • CVE-2018-14952 · Medium · Aug 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<maction xlink:href=" attack.

  • CVE-2018-14951 · Medium · Aug 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack.

  • CVE-2018-14950 · Medium · Aug 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<a xlink:href=" attack.

  • CVE-2006-2842 · Jun 6, 2006
    risk 0.07 · cvss n/a · epss 0.47

    PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue…

  • CVE-2004-0519 · Aug 18, 2004
    risk 0.05 · cvss n/a · epss 0.23

    Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.

  • CVE-2003-0990 · Jan 20, 2004
    risk 0.05 · cvss n/a · epss 0.29

    The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field.

  • CVE-2002-1131 · Oct 4, 2002
    risk 0.05 · cvss n/a · epss 0.26

    Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allow remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.

  • CVE-2006-4019 · Aug 11, 2006
    risk 0.04 · cvss n/a · epss 0.09

    Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.

  • CVE-2005-1924 · Dec 31, 2005
    risk 0.04 · cvss n/a · epss 0.10

    The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php,…

  • CVE-2004-0520 · Aug 18, 2004
    risk 0.04 · cvss n/a · epss 0.07

    Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

  • CVE-2002-0516 · Aug 12, 2002
    risk 0.04 · cvss n/a · epss 0.11

    SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.

  • CVE-2007-3636 · Jul 10, 2007
    risk 0.03 · cvss n/a · epss 0.03

    Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher.

  • CVE-2006-0331 · Jan 21, 2006
    risk 0.03 · cvss n/a · epss 0.01

    Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments.

  • CVE-2005-3128 · Oct 4, 2005
    risk 0.03 · cvss n/a · epss 0.03

    Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.

  • CVE-2005-2095 · Jul 13, 2005
    risk 0.03 · cvss n/a · epss 0.04

    options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting (XSS) attacks, and write arbitrary files.

  • CVE-2004-0524 · Aug 6, 2004
    risk 0.03 · cvss n/a · epss 0.05

    Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.

  • CVE-2004-0639 · Aug 6, 2004
    risk 0.03 · cvss n/a · epss 0.06

    Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors…

  • CVE-2020-14932 · Jun 20, 2020
    risk 0.00 · cvss n/a · epss 0.01

    compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

  • CVE-2020-14933 · Jun 20, 2020
    risk 0.00 · cvss n/a · epss 0.01

    compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method (such as __wakeup…

  • CVE-2012-5623 · Feb 13, 2020
    risk 0.00 · cvss n/a · epss 0.01

    Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.

  • CVE-2019-12970 · Jul 1, 2019
    risk 0.00 · cvss n/a · epss 0.02

    XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1.5.2. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context…

  • CVE-2012-2124 · Jan 18, 2013
    risk 0.00 · cvss n/a · epss 0.02

    functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different…

  • CVE-2012-0323 · Mar 9, 2012
    risk 0.00 · cvss n/a · epss 0.01

    Cross-site scripting (XSS) vulnerability in the Autocomplete plugin before 3.0 for SquirrelMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2011-2753 · Jul 17, 2011
    risk 0.00 · cvss n/a · epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a…

  • CVE-2011-2752 · Jul 17, 2011
    risk 0.00 · cvss n/a · epss 0.02

    CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows remote attackers to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555.

  • CVE-2011-2023 · Jul 14, 2011
    risk 0.00 · cvss n/a · epss 0.02

    Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail message.

  • CVE-2010-4555 · Jul 14, 2011
    risk 0.00 · cvss n/a · epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) drop-down selection lists, (2) the > (greater than) character in the SquirrelSpell spellchecking plugin,…

  • CVE-2010-4554 · Jul 14, 2011
    risk 0.00 · cvss n/a · epss 0.02

    functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

  • CVE-2010-2813 · Aug 19, 2010
    risk 0.00 · cvss n/a · epss 0.04

    functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of…

  • CVE-2009-2964 · Aug 25, 2009
    risk 0.00 · cvss n/a · epss 0.02

    Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1)…

  • CVE-2009-1381 · May 22, 2009
    risk 0.00 · cvss n/a · epss 0.03

    The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the…

  • CVE-2009-1581 · May 14, 2009
    risk 0.00 · cvss n/a · epss 0.02

    functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scripting (XSS) and phishing…

  • CVE-2009-1580 · May 14, 2009
    risk 0.00 · cvss n/a · epss 0.02

    Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie.

  • CVE-2009-1579 · May 14, 2009
    risk 0.00 · cvss n/a · epss 0.03

    The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.

  • CVE-2009-1578 · May 14, 2009
    risk 0.00 · cvss n/a · epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_headers.php;…

  • CVE-2009-0030 · Jan 21, 2009
    risk 0.00 · cvss n/a · epss 0.02

    A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. …

  • CVE-2008-2379 · Dec 5, 2008
    risk 0.00 · cvss n/a · epss 0.02

    Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.

  • CVE-2008-3663 · Sep 24, 2008
    risk 0.00 · cvss n/a · epss 0.02

    Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

  • CVE-2007-6348 · Dec 14, 2007
    risk 0.00 · cvss n/a · epss 0.04

    SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code.

  • CVE-2007-3779 · Jul 15, 2007
    risk 0.00 · cvss n/a · epss 0.01

    PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PGP (GPG) Plugin before 20070707 for Squirrelmail allows remote attackers to include and execute arbitrary local files, related to the MOD parameter.

  • CVE-2007-3778 · Jul 15, 2007
    risk 0.00 · cvss n/a · epss 0.03

    The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.php. NOTE: a parameter value…

  • CVE-2006-4169 · Jul 15, 2007
    risk 0.00 · cvss n/a · epss 0.02

    Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help.php or (2)…

  • CVE-2007-3634 · Jul 10, 2007
    risk 0.00 · cvss n/a · epss 0.02

    Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpg_sign_attachment function, aka ZD-00000004. this…

Page 1 of 2