Vulnerabilities > Squirrelmail

DATE	CVE	VULNERABILITY TITLE	RISK
2002-08-12	CVE-2002-0516	Remote Command Execution vulnerability in SquirrelMail Theme SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie. network low complexity squirrelmail critical	10.0
2001-07-02	CVE-2001-1159	Remote Command Execution vulnerability in Squirrelmail 1.0.4/1.0.5 load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP. network low complexity squirrelmail	7.5

Vulnerabilities > Squirrelmail {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Squirrelmail"}]}