Vulnerabilities > Roundcube > Roundcube Webmail > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2015-5383 | Information Exposure vulnerability in Roundcube Webmail and Webmail Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory. | 7.5 |
| 2016-01-29 | CVE-2015-8770 | Path Traversal vulnerability in Roundcube Webmail Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. | 7.5 |