Squirrelmail 漏洞列表

共找到 3 个与 Squirrelmail 相关的漏洞

📅 加载漏洞趋势中...

CVE-2002-1131: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: SquirrelMail

The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
CVE-2004-0519: SquirrelMail 1.4.x - Folder Name Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: SquirrelMail 1.4.x

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
CVE-2006-2842: Squirrelmail <=1.4.6 - Local File Inclusion POC

日期: 2025-08-01 | 影响软件: Squirrelmail

SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.