EUVD-2001-1388

Malware in sbrugna...

SUSE CVE-2004-0519

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php...

SUSE CVE-2006-0377

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimapmailboxselect command, aka "IMAP injection."...

Open Source Solutions ViMbAdmin Cross-Site Scripting Vulnerability

Open Source Solutions ViMbAdmin is an open source Web-based virtual mailbox management system from Open Source Solutions, Ireland. The system supports administrators to manage domains , mail and aliases and so on. A cross-site scripting vulnerability exists in Open Source Solutions ViMbAdmin...

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

CVE-2006-3174

Cross-site scripting XSS vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when registerglobals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter...

security flaw

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimapmailboxselect command, aka "IMAP injection."...

CVE-2006-0377

CVE-2006-0377 affects SquirrelMail 1.4.0–1.4.5, enabling CRLF injection in the sqimap_mailbox_select path to inject IMAP commands. The Debian/DSA-988 advisory and related OpenVAS entries confirm this trio of vulnerabilities and note a fixed version (Debian: 1.2.6-5 for old Woody; CentOS/Red Hat a...

CVE-2004-2447

CVE-2004-2447 is a cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01. The issue allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to six endpoints: viewmail.tagz, the index script under /user/, members.tagz, general.tagz, advanced.tagz, ...

security flaw

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php...