| Bug | Description |
|---|
| CVE-2020-14933 | compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachme ... |
| CVE-2020-14932 | compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtoda ... |
| CVE-2019-12970 | XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1. ... |
| CVE-2018-14955 | The mail message display page in SquirrelMail through 1.4.22 has XSS v ... |
| CVE-2018-14954 | The mail message display page in SquirrelMail through 1.4.22 has XSS v ... |
| CVE-2018-14953 | The mail message display page in SquirrelMail through 1.4.22 has XSS v ... |
| CVE-2018-14952 | The mail message display page in SquirrelMail through 1.4.22 has XSS v ... |
| CVE-2018-14951 | The mail message display page in SquirrelMail through 1.4.22 has XSS v ... |
| CVE-2018-14950 | The mail message display page in SquirrelMail through 1.4.22 has XSS v ... |
| CVE-2018-8741 | A directory traversal flaw in SquirrelMail 1.4.22 allows an authentica ... |
| CVE-2017-7692 | SquirrelMail 1.4.22 (and other versions before 20170427_0200-SVN) allo ... |
| CVE-2012-2124 | functions/imap_general.php in SquirrelMail, as used in Red Hat Enterpr ... |
| CVE-2011-2753 | Multiple cross-site request forgery (CSRF) vulnerabilities in Squirrel ... |
| CVE-2011-2752 | CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows ... |
| CVE-2011-2023 | Cross-site scripting (XSS) vulnerability in functions/mime.php in Squi ... |
| CVE-2010-4555 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ... |
| CVE-2010-4554 | functions/page_header.php in SquirrelMail 1.4.21 and earlier does not ... |
| CVE-2010-2813 | functions/imap_general.php in SquirrelMail before 1.4.21 does not prop ... |
| CVE-2010-1637 | The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote ... |
| CVE-2009-2964 | Multiple cross-site request forgery (CSRF) vulnerabilities in Squirrel ... |
| CVE-2009-1581 | functions/mime.php in SquirrelMail before 1.4.18 does not protect the ... |
| CVE-2009-1580 | Session fixation vulnerability in SquirrelMail before 1.4.18 allows re ... |
| CVE-2009-1579 | The map_yp_alias function in functions/imap_general.php in SquirrelMai ... |
| CVE-2009-1578 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail be ... |
| CVE-2009-1381 | The map_yp_alias function in functions/imap_general.php in SquirrelMai ... |
| CVE-2009-0030 | A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID ... |
| CVE-2008-3663 | Squirrelmail 1.4.15 does not set the secure flag for the session cooki ... |
| CVE-2008-2379 | Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 ... |
| CVE-2007-6348 | SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net befo ... |
| CVE-2007-2589 | Cross-site request forgery (CSRF) vulnerability in compose.php in Squi ... |
| CVE-2007-1262 | Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter ... |
| CVE-2006-6142 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ... |
| CVE-2006-4019 | Dynamic variable evaluation vulnerability in compose.php in SquirrelMa ... |
| CVE-2006-3665 | SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows ... |
| CVE-2006-3174 | Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail ... |
| CVE-2006-2842 | PHP remote file inclusion vulnerability in functions/plugin.php in Squ ... |
| CVE-2006-0377 | CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows rem ... |
| CVE-2006-0195 | Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 ... |
| CVE-2006-0188 | webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to ... |
| CVE-2005-2095 | options_identities.php in SquirrelMail 1.4.4 and earlier uses the extr ... |
| CVE-2005-1769 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ... |
| CVE-2005-0152 | PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows r ... |
| CVE-2005-0104 | Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMai ... |
| CVE-2005-0103 | PHP remote file inclusion vulnerability in webmail.php in SquirrelMail ... |
| CVE-2005-0075 | prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, ... |
| CVE-2004-1036 | Cross-site scripting (XSS) vulnerability in the decoding of encoded te ... |
| CVE-2004-0639 | Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1. ... |
| CVE-2004-0521 | SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows re ... |
| CVE-2004-0520 | Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail ... |
| CVE-2004-0519 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1. ... |
| CVE-2003-0990 | The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 ... |
| CVE-2003-0160 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail be ... |
| CVE-2002-1650 | The spell checker plugin (check_me.mod.php) for SquirrelMail before 1. ... |
| CVE-2002-1649 | Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelM ... |
| CVE-2002-1648 | Cross-site request forgery (CSRF) vulnerability in compose.php in Squi ... |
| CVE-2002-1341 | Cross-site scripting (XSS) vulnerability in read_body.php for Squirrel ... |
| CVE-2002-1276 | An incomplete fix for a cross-site scripting (XSS) vulnerability in Sq ... |
| CVE-2002-1132 | SquirrelMail 1.2.7 and earlier allows remote attackers to determine th ... |
| CVE-2002-1131 | Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier ... |