SquirrelMail Address Add 1.4.2 - Cross-Site Scripting

SquirrelMail Address Add 1.4.2 plugin contains a cross-site scripting vulnerability. It fails to properly sanitize user-supplied input, thus allowing an attacker to execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...

CVE-2026-23103

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrslock be per port Make the addrslock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. ...

CVE-2026-23103

Technical details about CVE-2026-23103 are not provided in the supplied documents. The description mentions making addrs_lock per port and related fixes, but lacks explicit affected products, versions, or remediation steps. Monitor for updates.

CVE-2026-21448

Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection. When a normal customer orders any product, in the add address step they can inject a value to run in admin view. The issue can lead to remote code execution. Version...

PT-2026-8217

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the macvlan component, specifically in the macvlan common newlink function. A use-after-free condition can occur when creating a new macvlan link...

EUVD-2005-3128

Malware in sbrugna...

VulnCheck KEV: CVE-2005-3128

Cross-site scripting XSS vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag...

ShopsN single merchant b2c mall system v2.3.6 has SQL injection vulnerability

ShopsN single merchant b2c mall system is an open source online store system developed using PHP + MySQL. ShopsN single merchant b2c mall system v2.3.6Us.class .php file addressadd function has a SQL injection vulnerability , an attacker can use this vulnerability to obtain the administrator...

CVE-2018-14965

An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF...

SquirrelMail 1.4.2 Address Add Plugin Add.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14973/info SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary code in the...

CVE-2005-3128

Cross-site scripting XSS vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag...

CVE-2005-3128

CVE-2005-3128 is a cross-site scripting vulnerability in the Address Add Plugin for SquirrelMail (versions 1.9 and 2.0) where the add.php functionality fails to sanitize input, allowing an attacker to inject arbitrary script via the IMG tag . The vulnerability could enable execution of script in ...

CVE-2005-3128

Cross-site scripting XSS vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag...

SquirrelMail 1.4.2 Address Add Plugin - add.php Cross-Site Scripting

SquirrelMail 1.4.2 Address Add Plugin - add.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14973/info SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue...