Lucene search

K

CVE-2006-0377

🗓️ 24 Feb 2006 00:00:02Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 80 Views🌐 WEB

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP..

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Detection
Refs
Paths
ParameterPositionPathDescriptionCWE
mailboxquery param/src/read_body.phpThe 'mailbox' parameter in the GET request can be exploited to inject arbitrary IMAP commands.CWE-20CWE-86
subjectbinary/src/compose.phpThe 'subject' parameter in the POST request can be manipulated to inject SMTP commands.CWE-20CWE-86

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
24 Feb 2006 00:02Current
6.8Medium risk
Vulners AI Score6.8
CVSS25
EPSS0.01608
80
.json
Report