64 matches found
CVE-2017-7692
CVE-2017-7692 affects SquirrelMail up to 1.4.22 (and likely older in SVN builds) where the sendmail delivery path mishandles a user-controlled sendmail.cf via a popen call. The root cause is the use of escapeshellcmd() in Deliver_SendMail.class.php/initStream, which fails to escape spaces, enabli...
CVE-2006-2842
Summary: CVE-2006-2842 affects SquirrelMail 1.4.6 and earlier, with a PHP local/file inclusion vulnerability in functions/plugin.php when register_globals is enabled and magic_quotes_gpc is disabled. An attacker can induce LFI by supplying a URL in the plugins array parameter, potentially allowin...
CVE-2005-0103
CVE-2005-0103 is a remote code execution vulnerability in SquirrelMail
CVE-2004-1036
CVE-2004-1036 affects SquirrelMail prior to versions 1.4.3a and earlier, and 1.5.1-cvs before 23 Oct 2004. The vulnerability is a cross-site scripting (XSS) flaw in the decoding of encoded text in certain headers within mime.php, enabling remote attackers to run arbitrary web script or HTML in th...
CVE-2004-0521
CVE-2004-0521 affects SquirrelMail prior to version 1.4.3 RC1 through an SQL injection in abook_database.php. Root cause: improper input handling allows remote attackers to execute arbitrary SQL statements. Impact (per sources): confidentiality, integrity, and availability may be fully compromise...
CVE-2005-2095
CVE-2005-2095 affects SquirrelMail
CVE-2019-12970
CVE-2019-12970 is a disclosed XSS in SquirrelMail prior to updates addressing versions up to 1.4.22 and 1.5.x through 1.5.2. Root cause: improper handling of RCDATA/RAWTEXT in the sanitization mechanism allows bypass, enabling malicious script injection from HTML e-mails when assets such as NOEMB...
CVE-2006-4019
CVE-2006-4019 affects SquirrelMail up to version 1.4.7, where a dynamic variable evaluation flaw in compose.php can allow an attacker to overwrite variables used by the script and influence actions, potentially reading/writing attachments and other users’ preferences. The issue stems from unsafe ...
CVE-2006-0188
SquirrelMail webmail 1.4.0–1.4.5 is affected by CVE-2006-0188 (and related CVEs listed in advisory DSA-988-1/CESA-2006:0283), allowing remote attackers to inject arbitrary HTML via the right_frame parameter in webmail.php. Debian/Red Hat/CentOS advisories recommend upgrading to SquirrelMail 1.4.6...
CVE-2010-1637
CVE-2010-1637 affects SquirrelMail up to version 1.4.20 with the Mail Fetch plugin. The vulnerability allows remote authenticated users to bypass firewall rules and proxy through a modified POP3 port to scan internal networks. The documented impact is limited to port-scanning capability via the M...
CVE-2005-0104
CVE-2005-0104 is a cross-site scripting (XSS) vulnerability in SquirrelMail’s webmail.php prior to 1.4.4. The issue allows an attacker to inject arbitrary web script or HTML via certain integer variables, enabling an unchecked/unsanitized input path that can be reflected to users. Public referenc...
CVE-2006-0195
CVE-2006-0195 affects SquirrelMail 1.4.0–1.4.5 and is caused by an interpretation conflict in the MagicHTML filter, enabling remote XSS via style sheet specifiers with invalid /* */ comments or a newline in the url specifier. Public advisories and OpenVAS entries reference related fixes; Debian/C...
CVE-2004-0519
SquirrelMail 1.4.x is affected by multiple cross-site scripting (XSS) vulnerabilities (e.g., via the mailbox parameter in compose.php) that could let remote attackers run arbitrary JavaScript in a user's browser and potentially steal authentication information. The issue concerns SquirrelMail ver...
CVE-2005-1769
CVE-2005-1769 concerns multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail versions 1.4.0–1.4.4. The issues allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the URL or in an e-mail message. The weaknesses have a CVSS v2 base score of 4.3 ...
CVE-2006-6142
CVE-2006-6142 covers multiple XSS vulnerabilities in SquirrelMail 1.4.0–1.4.9. Vulnerabilities include injection of arbitrary web script/HTML via the mailto parameter in webmail.php, the session and delete_draft parameters in compose.php, and additional vectors related to a flaw in the magicHTML ...
CVE-2009-1578
CVE-2009-1578 affects SquirrelMail < 1.4.18 and NaSMail
CVE-2006-0377
CVE-2006-0377 affects SquirrelMail 1.4.0–1.4.5, enabling CRLF injection in the sqimap_mailbox_select path to inject IMAP commands. The Debian/DSA-988 advisory and related OpenVAS entries confirm this trio of vulnerabilities and note a fixed version (Debian: 1.2.6-5 for old Woody; CentOS/Red Hat a...
CVE-2006-3174
CVE-2006-3174 is a cross-site scripting (XSS) vulnerability in SquirrelMail up to version 1.5.1, triggered in search.php when register_globals is enabled. An attacker could inject arbitrary HTML via the mailbox parameter, potentially affecting users who view the affected page. Connected documents...
CVE-2018-8741
SquirrelMail 1.4.22 contains a directory traversal flaw in Deliver.class.php (att_local_name field) that can allow an authenticated attacker to exfiltrate or delete files on the hosting server. Public reports reference CVE-2018-8741 across multiple advisories (Debian DLA-1344-1; Fedora updates fo...
CVE-2009-1579
CVE-2009-1579 affects SquirrelMail before 1.4.18 and NaSMail before 1.7. The flaw is in map_yp_alias within functions/imap_general.php, where a username string used by the ypmatch program can be crafted with shell metacharacters to execute arbitrary commands on the server. Public sources show mul...
CVE-2005-0075
CVE-2005-0075 affects SquirrelMail
CVE-2011-2023
CVE-2011-2023 affects SquirrelMail
CVE-2010-2813
SquirrelMail’s imap_general.php vulnerability (CVE-2010-2813) affects versions prior to 1.4.21, where 8-bit password handling allows remote attackers to trigger a denial of service (disk consumption) by issuing numerous IMAP login attempts with different usernames, causing many preferences files ...
CVE-2010-4554
CVE-2010-4554 affects SquirrelMail 1.4.21 and earlier: the function page_header.php did not prevent rendering in a frame, enabling clickjacking via a crafted site. Remediation is via the backported patches in the 2012 security updates (e.g., RHSA-2012:0103 / ELSA-2012-0103) that restrict the main...
CVE-2007-1262
CVE-2007-1262 affects SquirrelMail 1.4.0–1.4.9a with multiple HTML filter XSS weaknesses: injection via the data: URI in HTML email attachments injection via improper handling of non-ASCII characters when viewed in Internet Explorer.Exploitation could allow remote script execution within the user...
CVE-2002-1131
SquirrelMail 1.2.6/1.2.7 is affected by a cross-site scripting vulnerability in the Virtual Keyboard plugin due to insufficient input sanitization. This could allow an attacker to execute arbitrary script in the victim’s browser (affecting users via the plugin). Debian/OpenVAS entries indicate fi...
CVE-2009-1581
CVE-2009-1581 affects SquirrelMail up to version 1.4.18, where functions/mime.php fails to protect against CSS positioning in HTML email. This allows a remote attacker to spoof the user interface and can enable cross-site scripting (XSS) and phishing via a crafted message. The connected advisorie...
CVE-2012-2124
CVE-2012-2124 affects SquirrelMail’s imap_general.php used in RHEL 4/5; improper handling of 8-bit password characters allows remote attackers to cause DoS by spamming IMAP login attempts, creating many preference files. Root cause: an incorrect fix for CVE-2010-2813. Mitigation/fix references ap...
CVE-2004-0639
CVE-2004-0639 affects SquirrelMail 1.2.0–1.2.10 (and earlier) with multiple XSS vectors in read_body.php and mailbox_display.php (also via event_title/event_text variables). Debian/DSA-535 notes four vulnerabilities including CVE-2004-0639; Debian fixes in 1.2.6-1.4 for Woody and 2:1.4.3a-0.1 for...
CVE-2008-2379
CVE-2008-2379 is a cross-site scripting (XSS) vulnerability in SquirrelMail prior to 1.4.17, triggered by a crafted hyperlink in an HTML email part. The underlying issue is insufficient sanitization of HTML mail, allowing remote attackers to inject script/HTML in a user session. Related advisorie...
CVE-2009-2964
CVE-2009-2964 : Multiple CSRF vulnerabilities in SquirrelMail 1.4.19 and earlier, and NasMail before 1.7, allow remote attackers to hijack user authentication via various forms (send message, change preferences, etc.). Affected components include numerous PHP scripts (functions/mailbox_display.ph...
CVE-2011-2753
SquirrelMail vulnerable: CSRF flaws in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack a user’s session via CSRF on the Empty Trash and Index Order pages (CVE-2011-2753; related CVEs also listed). Impact is described as authentication hijack of unspecified victims; no exploitatio...
CVE-2002-1648
CVE-2002-1648 describes a CSRF vulnerability in SquirrelMail’s compose.php prior to version 1.2.3. An attacker can trigger a request via an IMG URL with manipulated send_to and subject parameters to send mail as another user, exploiting cookie-based authentication. Affected software: SquirrelMail...
CVE-2009-1580
CVE-2009-1580 refers to a session fixation vulnerability in SquirrelMail prior to version 1.4.18 . The issue allows remote attackers to hijack web sessions by supplying a crafted cookie, enabling session takeover with the privileges of the affected user. The provided documents explicitly identify...
CVE-2009-0030
CVE-2009-0030 corresponds to a session cookie handling flaw in SquirrelMail 1.4.8 patched by Red Hat/Miracle Linux advisories. The root cause was an incorrect fix for CVE-2008-3663, causing the SQMSESSID cookie value to be identical across sessions. This enables remote authenticated users to acce...
CVE-2009-1381
CVE-2009-1381 relates to SquirrelMail prior to version 1.4.19-1 on Debian and possibly other OSes, where the map_yp_alias function in functions/imap_general.php allows remote execution of arbitrary commands via shell metacharacters in a username string used by ypmatch. Connected advisories confir...
CVE-2004-0520
CVE-2004-0520 is a cross-site scripting (XSS) vulnerability in mime.php of SquirrelMail prior to 1.4.3. The issue allows remote attackers to inject arbitrary HTML and script via the content-type mail header, demonstrated via read_body.php. The vulnerability affects the webmail client, with an att...
CVE-2020-14933
CVE-2020-14933 affects SquirrelMail 1.4.22. compose.php calls unserialize on the attachments value derived from HTTP POST data, enabling an unsafe deserialization path. The vendor disputes that the required PHP object-injection conditions are met (presence of a PHP magic method and attack-relevan...
CVE-2010-4555
SquirrelMail (PHP webmail) versions up to 1.4.21 and earlier are affected by multiple XSS vulnerabilities (CVE-2010-4555, among others) via vectors including dropdown lists, the SquirrelSpell > character, and errors on the Index Order page. Open-source advisories and Nessus/OpenVAS feeds indic...
CVE-2011-2752
SquirrelMail 1.4.21 and earlier are affected by a CRLF injection (via a newline in input) that allows remote attackers to modify or add user preference values. This is documented as CVE-2011-2752. The issue arises from handling input in preference fields; John Doe? No vendor.
CVE-2018-14950
The CVE-2018-14950 entry applies to SquirrelMail up to version 1.4.22, where the mail message display page is vulnerable to XSS via an SVG attack (). The issue is a client‑side security flaw in how HTML/SVG content is rendered within the mail display view, enabling script execution in the applica...
CVE-2018-14955
CVE-2018-14955 affects SquirrelMail prior to 1.4.23; the mail display page (through 1.4.22) is vulnerable to XSS via SVG animations (animate to attribute). Debian reports a fixed package at squirrelmail 2:1.4.23~svn20120406-2+deb8u3; other disclosures note unpatched status in some distros (e.g., ...
CVE-2007-2589
CVE-2007-2589 : A CSRF vulnerability in SquirrelMail 1.4.0–1.4.9a (compose.php) lets an attacker induce actions (sending mail) from an arbitrary user via data in an IMG SRC attribute. This is described across multiple advisories (RHSA-2007:0358, CentOS/RHSA backport, openSUSE/SUSE ESP). The CVSS ...
CVE-2008-3663
CVE-2008-3663 summary (from provided docs): SquirrelMail prior to the patch release had a session cookie that was not marked Secure during HTTPS, potentially allowing cookie exposure to remote attackers via HTTP requests. The linked advisories reference SquirrelMail 1.4.15 and note that updates/p...
CVE-2018-14953
CVE-2018-14953 affects SquirrelMail up to version 1.4.22, where the mail display page is vulnerable to XSS via crafted content (notably vectors involving and related elements). Debian security advisory confirms multiple XSS CVEs including CVE-2018-14953 and notes that fixes are available in squi...
CVE-2007-6348
CVE-2007-6348 affects SquirrelMail 1.4.11 and 1.4.12 as distributed on SourceForge before 2007-12-13, where an external modification introduced a PHP remote file inclusion vulnerability allowing remote code execution. The vulnerability is categorized with CVSS v2 base score 6.8 (Network attack ve...
CVE-2018-14951
CVE-2018-14951 affects SquirrelMail up to version 1.4.22, where a stored XSS is possible in the mail display page via a crafted form action using a data:text payload. Public disclosures and Debian security advisory confirm the issue and list affected packages; Debian fixes indicate upgrade to squ...
CVE-2020-14932
CVE-2020-14932 affects SquirrelMail 1.4.22, where compose.php unserializes the $mailtodata value originating from an HTTP GET request (related to mailto.php). The underlying issue is unsafe deserialization in PHP, enabling potentially arbitrary object injection. CVSS vectors in the entry indicate...
CVE-2007-2631
Technical details about CVE-2007-2631 are not publicly provided in the supplied documents. Available references discuss related CVEs (1262, 2589) and SquirrelMail mitigations, but no explicit details for CVE-2007-2631.
CVE-2018-14952
CVE-2018-14952 affects SquirrelMail up to 1.4.22 with XSS via crafted HTML payloads on the mail display page (e.g., ). Debian’s DLA-1484-1 notes fixed package squirrelmail 2:1.4.23~svn20120406-2+deb8u3 for Jessie, indicating remediation via upgrade. The connected Nessus/OpenVAS entries confirm un...