15 matches found
SUSE CVE-2021-47015
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RX consumer index logic in the error path. In bnxtrxpkt, the RX buffers are expected to complete in order. If the RX consumer index indicates an out of order buffer completion, it means we are hitting a hardware bug a...
SUSE CVE-2010-4555
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
SUSE CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2018-16356
An issue was discovered in PbootCMS. There is a SQL injection via the api.php/List/index order parameter...
Sql injection
An issue was discovered in PbootCMS. There is a SQL injection via the api.php/List/index order parameter...
SquirrelMail: CSRF in the empty trash feature and in Index Order page
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
SquirrelMail: Multiple XSS flaws
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
UBUNTU-CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
CVE-2010-4555
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
CVE-2010-4555
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
CVE-2010-4555
Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 drop-down selection lists, 2 the greater than character in the SquirrelSpell spellchecking plugin, and 3 errors associated wit...
CVE-2010-4555
SquirrelMail (PHP webmail) versions up to 1.4.21 and earlier are affected by multiple XSS vulnerabilities (CVE-2010-4555, among others) via vectors including dropdown lists, the SquirrelSpell > character, and errors on the Index Order page. Open-source advisories and Nessus/OpenVAS feeds indic...