7 matches found
openSUSE: Security Advisory for roundcubemail (openSUSE-SU-2020:1516-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Roundcube Webmail < 1.2.10, 1.3.x < 1.3.11, 1.4.x < 1.4.4 Multiple Vulnerabilities
Roundcube Webmail is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:roundcube:webmail"; if...
CVE-2020-12640
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...
CVE-2020-12640
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...
CVE-2020-12640
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...
CVE-2020-12640
CVE-2020-12640 affects Roundcube Webmail prior to 1.4.4. The vulnerability arises from a directory traversal in a plugin name passed to rcube_plugin_api.php, enabling local file inclusion and arbitrary code execution. Reported impact aligns with partial confidentiality, integrity, and availabilit...
CVE-2020-12640
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcubepluginapi.php...