CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

Design/Logic Flaw

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

UBUNTU-CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php...

CVE-2020-14932

CVE-2020-14932 affects SquirrelMail 1.4.22, where compose.php unserializes the $mailtodata value originating from an HTTP GET request (related to mailto.php). The underlying issue is unsafe deserialization in PHP, enabling potentially arbitrary object injection. CVSS vectors in the entry indicate...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 dir and 2 pageid parameter to a index.php and 3 userid parameter to b mailto.php. NOTE: it is possible that issues 1 and 2 are resultant from SQL injectio...

CVE-2006-1008

Multiple cross-site scripting XSS vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 dir and 2 pageid parameter to a index.php and 3 userid parameter to b mailto.php. NOTE: it is possible that issues 1 and 2 are resultant from SQL injectio...