Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-1580 | 5.8 |
Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie.
|
29-09-2017 - 01:34 | 14-05-2009 - 17:30 | |
CVE-2009-1578 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to c
|
29-09-2017 - 01:34 | 14-05-2009 - 17:30 | |
CVE-2009-1579 | 6.8 |
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
|
29-09-2017 - 01:34 | 14-05-2009 - 17:30 | |
CVE-2009-1581 | 4.3 |
functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scrip
|
29-09-2017 - 01:34 | 14-05-2009 - 17:30 | |
CVE-2009-2964 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences
|
19-09-2017 - 01:29 | 25-08-2009 - 17:30 |