Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RoundcubeWebmail1.2.0

2 matches found

CVE
CVEadded 2020/05/04 3:15 p.m.594 views

CVE-2020-12641

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

9.8CVSS9.5AI score0.93068EPSS
In wild
CVE
CVEadded 2020/05/04 3:15 p.m.184 views

CVE-2020-12640

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.

9.8CVSS9.1AI score0.20084EPSS