Vulnerabilities > Squirrelmail > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-23 | CVE-2006-3174 | Cross-Site Scripting vulnerability in SquirrelMail Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter. | 2.6 |
2005-05-02 | CVE-2005-0184 | Directory traversal vulnerability in ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to read arbitrary files via a .. | 2.1 |