Total vulnerabilities in the database
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
| Software | From | Fixed in |
|---|---|---|
| squirrelmail / squirrelmail | 1.4.2 | 1.4.2.x |
| squirrelmail / squirrelmail | 1.4.6_rc1 | 1.4.6_rc1.x |
| squirrelmail / squirrelmail | 1.4.3_r3 | 1.4.3_r3.x |
| squirrelmail / squirrelmail | 1.4.9a | 1.4.9a.x |
| squirrelmail / squirrelmail | 1.4.6 | 1.4.6.x |
| squirrelmail / squirrelmail | 1.4.7 | 1.4.7.x |
| squirrelmail / squirrelmail | 1.4.3_rc1 | 1.4.3_rc1.x |
| squirrelmail / squirrelmail | 1.4.4_rc1 | 1.4.4_rc1.x |
| squirrelmail / squirrelmail | 1.4.3 | 1.4.3.x |
| squirrelmail / squirrelmail | 1.4.1 | 1.4.1.x |
| squirrelmail / squirrelmail | 1.4.9 | 1.4.9.x |
| squirrelmail / squirrelmail | 1.4.8 | 1.4.8.x |
| squirrelmail / squirrelmail | 1.4.6_cvs | 1.4.6_cvs.x |
| squirrelmail / squirrelmail | 1.4.0 | 1.4.0.x |
| squirrelmail / squirrelmail | 1.4.3a | 1.4.3a.x |
| squirrelmail / squirrelmail | 1.4.4 | 1.4.4.x |
| squirrelmail / squirrelmail | 1.4.3aa | 1.4.3aa.x |
| squirrelmail / squirrelmail | 1.4.5 | 1.4.5.x |