Lucene search
+L

1281 matches found

Exploit DB
Exploit DB
added 2004/04/30 12:0 a.m.26 views

SquirrelMail 1.4.x - Folder Name Cross-Site Scripting

source: https://www.securityfocus.com/bid/10246/info It has been reported that SquirrelMail is affected by a cross-site scripting vulnerability in the handling of folder name displays. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it...

7.4AI score
Exploits0
0day.today
0day.today
added 2004/04/20 12:0 a.m.20 views

SquirrelMail chpasswd buffer overflow

Exploit for linux platform in category local exploits ===================================== SquirrelMail chpasswd buffer overflow ===================================== / 0x3142-sq-chpasswd.c Squirremail chpasswd buffer overflow. Tested on SuSE 9. The bug was found by Matias Neiff Coded by x314 c...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/20 12:0 a.m.49 views

SquirrelMail - 'chpasswd' Local Buffer Overflow

/ 0x3142-sq-chpasswd.c Squirremail chpasswd buffer overflow. Tested on SuSE 9. The bug was found by Matias Neiff Coded by x314 c 2004 Copyright by x314. All Rights Reserved. Greets: m0s krewz. / include char shellcode= "\x31\xc0\xb0\x46\x31\xdb\x31\xc9\xcd\x80\xeb\x16\x5b\x31\xc0"...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/04/20 12:0 a.m.12 views

SquirrelMail - chpasswd Local Buffer Overflow

SquirrelMail - chpasswd Local Buffer Overflow / 0x3142-sq-chpasswd.c Squirremail chpasswd buffer overflow. Tested on SuSE 9. The bug was found by Matias Neiff Coded by x314 c 2004 Copyright by x314. All Rights Reserved. Greets: m0s krewz. / include char shellcode=...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2004/04/19 12:0 a.m.30 views

Squirrelmail chpasswd buffer overflow

Buffer overflow on oversized username...

4.3AI score
Exploits0References1Affected Software1
NVD
NVD
added 2004/01/20 5:0 a.m.13 views

CVE-2003-0990

The parseAddress code in 1 SquirrelMail 1.4.0 and 2 GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field...

7.5CVSS7.3AI score0.28792EPSS
Exploits4References5
CVE
CVE
added 2004/01/06 5:0 a.m.35 views

CVE-2003-0990

The CVE-2003-0990 issue affects SquirrelMail 1.4.0 and the GPG Plugin 1.1, where the parseAddress code can be abused to execute shell commands via metacharacters in the To: field. This is a remote command-execution vulnerability exploitable via SMTP delivery (e.g., via crafted email contents) and...

7.5CVSS7.3AI score0.28792EPSS
Exploits4References5
Cvelist
Cvelist
added 2004/01/06 5:0 a.m.15 views

CVE-2003-0990

The parseAddress code in 1 SquirrelMail 1.4.0 and 2 GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field...

7.3AI score0.28792EPSS
Exploits4References5
securityvulns
securityvulns
added 2003/12/26 12:0 a.m.33 views

[Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bugtraq Security Systems, Incorporated www.bugtraq.org Security Advisory Advisory Name: Command Injection Issue in Squirrelmail Release Date: 12/24/2003 Application: Squirrelmail Platform: Linux IA32 Linux sparc Linux sparc64 Linux hppa Linux ppc Linu...

7.5CVSS7.1AI score0.28792EPSS
Exploits4
securityvulns
securityvulns
added 2003/12/26 12:0 a.m.39 views

SquirrelMail shell characters command execution

Uncommented shell characters in parsing To: headers in PGP plugin...

3.5AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/06/18 12:0 a.m.16 views

SquirrelMail Multiple Remote Vulnerabilities

The remote host is running SquirrelMail, a web-based mail server. There is a flaw in the remote installation that could allow an attacker with a valid webmail account to read, move and delete arbitrary files on this server, with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable...

5.6AI score
Exploits0References1
exploitpack
exploitpack
added 2003/06/17 12:0 a.m.12 views

SquirrelMail 1.2.11 Administrator Plugin - options.php Arbitrary Admin Account Creation

SquirrelMail 1.2.11 Administrator Plugin - options.php Arbitrary Admin Account Creation source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2003/06/17 12:0 a.m.17 views

SquirrelMail 1.2.11 - move_messages.php Arbitrary File Moving

SquirrelMail 1.2.11 - movemessages.php Arbitrary File Moving source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due t...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2003/06/17 12:0 a.m.13 views

SquirrelMail 1.2.11 - Multiple Vulnerabilities

SquirrelMail 1.2.11 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/17 12:0 a.m.29 views

SquirrelMail 1.2.11 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization of URI parameters submitted withi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/17 12:0 a.m.26 views

SquirrelMail 1.2.11 - 'move_messages.php' Arbitrary File Moving

source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization of URI parameters submitted withi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/17 12:0 a.m.36 views

SquirrelMail 1.2.11 Administrator Plugin - 'options.php' Arbitrary Admin Account Creation

source: https://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization of URI parameters submitted withi...

7AI score
Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.19 views

CVE-2002-0516

SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie...

7.2AI score0.10961EPSS
Exploits1References4
CVE
CVE
added 2003/04/02 5:0 a.m.60 views

CVE-2002-0516

CVE-2002-0516 affects SquirrelMail 1.2.5 and earlier. Affected component: THEME cookie handling. Root cause: authenticated users can modify the THEME cookie to execute arbitrary commands. Impact is high (complete confidentiality, integrity, and availability) as per the cited report. No remediatio...

10CVSS7.6AI score0.10961EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2003/04/02 5:0 a.m.16 views

CVE-2003-0160

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser...

5.8CVSS5.8AI score0.01343EPSS
Exploits0References3
Rows per page
Query Builder