4 matches found
SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. id: CVE-2002-1131 info: name: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting author: dhiyaneshDk,s4e-io severity: high description:...
Debian Security Advisory DSA 191-2 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory DSA 191-2. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2002-1131
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via 1 addressbook.php, 2 options.php, 3 search.php, or 4 help.php...
CVE-2002-1131
SquirrelMail 1.2.6/1.2.7 is affected by a cross-site scripting vulnerability in the Virtual Keyboard plugin due to insufficient input sanitization. This could allow an attacker to execute arbitrary script in the victim’s browser (affecting users via the plugin). Debian/OpenVAS entries indicate fi...