Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2020/06/25 12:0 a.m.178 views

SquirrelMail <= 1.4.22 Multiple Vulnerabilities

SquirrelMail is prone to multiple Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...

9.3AI score
Exploits0References1
OSV
OSV
added 2020/06/20 1:15 p.m.3 views

CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

9.8CVSS5.8AI score0.01431EPSS
Exploits0References1
NVD
NVD
added 2020/06/20 1:15 p.m.15 views

CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

9.8CVSS0.01431EPSS
Exploits0References1
OSV
OSV
added 2020/06/20 1:15 p.m.5 views

UBUNTU-CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

9.8CVSS7.3AI score0.01431EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/06/20 12:7 p.m.18 views

CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

9.4AI score0.01431EPSS
Exploits0References1
CVE
CVE
added 2020/06/20 12:7 p.m.64 views

CVE-2020-14932

CVE-2020-14932 affects SquirrelMail 1.4.22, where compose.php unserializes the $mailtodata value originating from an HTTP GET request (related to mailto.php). The underlying issue is unsafe deserialization in PHP, enabling potentially arbitrary object injection. CVSS vectors in the entry indicate...

9.8CVSS9.3AI score0.01431EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/20 12:0 a.m.59 views

CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php. Recent assessments: kevthehermit at June 20, 2020 5:17pm UTC reported: tldr The use of unserialize in PHP that accepts user data. There is no...

9.8CVSS9.6AI score0.1669EPSS
Exploits2References2
Rows per page
Query Builder