Lucene search
K

10 matches found

Nuclei
Nuclei
added 14 hours ago84 views

Squirrelmail <=1.4.6 - Local File Inclusion

SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if registerglobals is enabled and magicquotesgpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. id:...

7.5CVSS6.4AI score0.44016EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.34 views

openSUSE 10 Security Update : squirrelmail (squirrelmail-1837)

This update fixes a local file inclusion problem in the squirrelmail webmail frontend. The issue is tracked by the Mitre CVE ID CVE-2006-2842. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

7.5CVSS5.3AI score0.44016EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2007/08/02 12:0 a.m.84 views

Mac OS X Multiple Vulnerabilities (Security Update 2007-007)

The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...

10CVSS8AI score0.90768EPSS
Exploits56References45
Tenable Nessus
Tenable Nessus
added 2006/07/04 12:0 a.m.36 views

RHEL 3 / 4 : squirrelmail (RHSA-2006:0547)

An updated squirrelmail package that fixes a local file disclosure flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. A local file disclosure flaw was found ...

7.5CVSS5.6AI score0.44016EPSS
Exploits2References5
Cent OS
Cent OS
added 2006/07/03 5:43 p.m.65 views

squirrelmail security update

CentOS Errata and Security Advisory CESA-2006:0547 An updated squirrelmail package that fixes a local file disclosure flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package writt...

7.5CVSS5.7AI score0.44016EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2006/07/03 4:15 p.m.26 views

Moderate: Red Hat Security Advisory: squirrelmail security update

An updated squirrelmail package that fixes a local file disclosure flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. A local file disclosure flaw was found ...

7.5CVSS5.7AI score0.44016EPSS
Exploits2References4
NVD
NVD
added 2006/06/06 8:6 p.m.20 views

CVE-2006-2842

PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by...

7.5CVSS7.3AI score0.44016EPSS
Exploits2References20
UbuntuCve
UbuntuCve
added 2006/06/06 8:6 p.m.27 views

CVE-2006-2842

PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by...

7.5CVSS6.1AI score0.44016EPSS
Exploits2References1
CVE
CVE
added 2006/06/06 8:3 p.m.151 views

CVE-2006-2842

Summary: CVE-2006-2842 affects SquirrelMail 1.4.6 and earlier, with a PHP local/file inclusion vulnerability in functions/plugin.php when register_globals is enabled and magic_quotes_gpc is disabled. An attacker can induce LFI by supplying a URL in the plugins array parameter, potentially allowin...

7.5CVSS7.2AI score0.44016EPSS
Exploits2References20Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/06/03 12:0 a.m.59 views

SquirrelMail plugin.php plugins Parameter Local File Inclusion

The version of SquirrelMail installed on the remote web server fails to properly sanitize user-supplied input to the 'plugins' parameter of the 'functions/plugin.php' script before using it in a PHP 'includeonce' function. Provided PHP's 'registerglobals' setting is enabled, an unauthenticated...

7.5CVSS6.2AI score0.44016EPSS
Exploits2References3
Rows per page
Query Builder