Squirrelmail Security Vulnerabilities and Issues — Squirrelmail CVE List

Lucene search

SquirrelmailSquirrelmail

2 matches found

CVE•added 2006/06/06 8:6 p.m.•103 views

CVE-2006-2842

PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by t...

7.5CVSS7.2AI score0.0094EPSS

CVE•added 2006/06/23 12:2 a.m.•88 views

CVE-2006-3174

Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.

2.6CVSS5.5AI score0.01164EPSS