1 matches found
security flaw
prefs.php in SquirrelMail before 1.4.4, with registerglobals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers...