Vulnerabilities > Squirrelmail > Low

DATE CVE VULNERABILITY TITLE RISK
2006-06-23 CVE-2006-3174 Cross-Site Scripting vulnerability in SquirrelMail
Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.
network
high complexity
squirrelmail
2.6
2.6
2005-05-02 CVE-2005-0184 Directory traversal vulnerability in ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to read arbitrary files via a ..
local
low complexity
squirrelmail
2.1
2.1