7 matches found
SquirrelMail <= 1.4.22 Multiple Vulnerabilities
SquirrelMail is prone to multiple Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...
CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...
UBUNTU-CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...
CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...
CVE-2020-14932
CVE-2020-14932 affects SquirrelMail 1.4.22, where compose.php unserializes the $mailtodata value originating from an HTTP GET request (related to mailto.php). The underlying issue is unsafe deserialization in PHP, enabling potentially arbitrary object injection. CVSS vectors in the entry indicate...
CVE-2020-14932
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php. Recent assessments: kevthehermit at June 20, 2020 5:17pm UTC reported: tldr The use of unserialize in PHP that accepts user data. There is no...