Max CVSS 6.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-3663 5.0
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
11-10-2018 - 20:49 24-09-2008 - 14:56
CVE-2007-2589 5.0
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
11-10-2017 - 01:32 11-05-2007 - 04:20
CVE-2006-6142 6.8
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in
11-10-2017 - 01:31 05-12-2006 - 11:28
CVE-2009-1580 5.8
Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie.
29-09-2017 - 01:34 14-05-2009 - 17:30
CVE-2009-1581 4.3
functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scrip
29-09-2017 - 01:34 14-05-2009 - 17:30
CVE-2009-2964 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences
19-09-2017 - 01:29 25-08-2009 - 17:30
CVE-2011-2753 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order
29-08-2017 - 01:29 17-07-2011 - 20:55
Back to Top Mark selected
Back to Top