Vendor Dictionary: SquirrelMail Project Team

SquirrelMail Project Team

Short Name:	SquirrelMail
Previous Names:	[None Entered]
URL:	http://www.squirrelmail.org/ [visit link]
Email:	ricksquirrelmail.org
Security URL:	http://www.squirrelmail.org/security/ [visit link]
Security Email:	securitysquirrelmail.org
Knowledge Base:	[None Entered]
Notes:	[No Notes]
Full Details...

Vulnerabilities by Vendor Product

SquirrelMail Project Team

SquirrelMail Project Team

Squirrelmail: 1.4.1; OSVDB ID: 17874 SquirrelMail options_identities.php Variable Overwrite Privilege Escalation; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 6514 SquirrelMail mime.php Content-Type XSS; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; OSVDB ID: 3178 SquirrelMail G/PGP (GPG) Plugin cmd Execution; 1.2.6; OSVDB ID: 4262 SquirrelMail addressbook.php Multiple Parameter XSS; OSVDB ID: 4263 SquirrelMail options.php optpage Parameter XSS; OSVDB ID: 4264 SquirrelMail search.php Multiple Parameter XSS; OSVDB ID: 4265 SquirrelMail help.php chapter Parameter XSS; 1.2.7; OSVDB ID: 4262 SquirrelMail addressbook.php Multiple Parameter XSS; OSVDB ID: 4263 SquirrelMail options.php optpage Parameter XSS; OSVDB ID: 4264 SquirrelMail search.php Multiple Parameter XSS; OSVDB ID: 4265 SquirrelMail help.php chapter Parameter XSS; 1.2.9; OSVDB ID: 4266 SquirrelMail read_body.php XSS; 0.x; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.0.x; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.1.x; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.2.x; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 6514 SquirrelMail mime.php Content-Type XSS; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.3.x; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 6514 SquirrelMail mime.php Content-Type XSS; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.4.0; OSVDB ID: 17874 SquirrelMail options_identities.php Variable Overwrite Privilege Escalation; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 6514 SquirrelMail mime.php Content-Type XSS; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.4.2; OSVDB ID: 17874 SquirrelMail options_identities.php Variable Overwrite Privilege Escalation; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 6514 SquirrelMail mime.php Content-Type XSS; OSVDB ID: 6337 SquirreMail compose.php Multiple Parameter XSS; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.4.3-RC1; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 6841 SquirrelMail abook_database.php SQL Injection; 1.5.0; OSVDB ID: 6514 SquirrelMail mime.php Content-Type XSS; 1.4.3; OSVDB ID: 17874 SquirrelMail options_identities.php Variable Overwrite Privilege Escalation; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.3a; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 11603 SquirrelMail mime.php Header Encoding (decodeHeader) XSS; 1.4.4; OSVDB ID: 17874 SquirrelMail options_identities.php Variable Overwrite Privilege Escalation; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.0 RC 1; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; 1.4.0 RC 2a; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; 1.4.4 RC1; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; 1.4.5; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.6; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.7; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.5 Release Candidate 1; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; 1.4.6 Release Candidate 1; OSVDB ID: 27917 SquirrelMail compose.php Arbitrary Variable Manipulation; 1.2.10; OSVDB ID: 8291 SquirrelMail read_body.php Multiple Parameter XSS; OSVDB ID: 8292 SquirrelMail mailbox_display.php Multiple Parameter XSS; 1.5.1; OSVDB ID: 26610 SquirrelMail search.php mailbox Parameter XSS; 1.2.x; 1.3.x; 1.4.0; 1.4.1; 1.4.2; 1.5.0; 1.4.18; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.19; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.4.20; OSVDB ID: 54506 SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrary Code Execution; 1.2.2; OSVDB ID: 18291 SquirrelMail compose.php IMG Parameter XSS; OSVDB ID: 18289 SquirrelMail read_body.php IMG Tag XSS; 0.9.1; OSVDB ID: 68526 SquirrelMail plugins/vkeyboard/vkeyboard.php passformname Parameter XSS; 1.4.21; OSVDB ID: 74085 SquirrelMail functions/mime.php Email Message STYLE Tag XSS; OSVDB ID: 74084 SquirrelMail functions/options.php Drop-Down Selection List XSS; OSVDB ID: 74086 SquirrelMail Preference Value Manipulation CRLF Injection; OSVDB ID: 74088 SquirrelMail options_order Page XSS; OSVDB ID: 74089 SquirrelMail Spellchecking Plugin > Character XSS; OSVDB ID: 74083 SquirrelMail functions/page_header.php Page Frame Rendering Clickjacking Weakness; OSVDB ID: 74087 SquirrelMail Multiple Password Disclosure CSRF; 1.4.21; 1.4.21; 1.4.21; 1.4.21; 1.4.21; 1.4.21

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.