Vulnerability Database

CVE-2013-6172

steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the _session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code.

  • Published: Nov 5, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-6172
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

| Software | From | Fixed in |
|---|---|---|
| roundcube / webmail | 0.5.2 | 0.5.2.x |
| roundcube / webmail | 0.5.4 | 0.5.4.x |
| roundcube / webmail | 0.1-rc1 | 0.1-rc1.x |
| roundcube / webmail | 0.1-20050820 | 0.1-20050820.x |
| roundcube / webmail | 0.1-20051007 | 0.1-20051007.x |
| roundcube / webmail | 0.4 | 0.4.x |
| roundcube / webmail | 0.9-rc2 | 0.9-rc2.x |
| roundcube / webmail | 0.1 | 0.1.x |
| roundcube / webmail | 0.1-beta2 | 0.1-beta2.x |
| roundcube / webmail | 0.9.4 | 0.9.4.x |
| roundcube / webmail | 0.8.5 | 0.8.5.x |
| roundcube / webmail | 0.1-beta | 0.1-beta.x |
| roundcube / webmail | 0.1-20050811 | 0.1-20050811.x |
| roundcube / webmail | 0.3-rc1 | 0.3-rc1.x |
| roundcube / webmail | 0.5-rc | 0.5-rc.x |
| roundcube / webmail | 0.8.3 | 0.8.3.x |
| roundcube / webmail | 0.2-stable | 0.2-stable.x |
| roundcube / webmail | 0.9.1 | 0.9.1.x |
| roundcube / webmail | 0.2-alpha | 0.2-alpha.x |
| roundcube / webmail | 0.8.1 | 0.8.1.x |
| roundcube / webmail | 0.1-rc2 | 0.1-rc2.x |
| roundcube / webmail | 0.3-beta | 0.3-beta.x |
| roundcube / webmail | 0.1-stable | 0.1-stable.x |
| roundcube / webmail | 0.7 | 0.7.x |
| roundcube / webmail | - | 0.8.6.x |
| roundcube / webmail | 0.5-beta | 0.5-beta.x |
| roundcube / webmail | 0.4.2 | 0.4.2.x |
| roundcube / webmail | 0.9.2 | 0.9.2.x |
| roundcube / webmail | 0.8.0 | 0.8.0.x |
| roundcube / webmail | 0.8.2 | 0.8.2.x |
| roundcube / webmail | 0.1-20051021 | 0.1-20051021.x |
| roundcube / webmail | 0.5.1 | 0.5.1.x |
| roundcube / webmail | 0.7.2 | 0.7.2.x |
| roundcube / webmail | 0.6 | 0.6.x |
| roundcube / webmail | 0.2.2 | 0.2.2.x |
| roundcube / webmail | 0.3 | 0.3.x |
| roundcube / webmail | 0.1.1 | 0.1.1.x |
| roundcube / webmail | 0.4-beta | 0.4-beta.x |
| roundcube / webmail | 0.7.3 | 0.7.3.x |
| roundcube / webmail | 0.1-alpha | 0.1-alpha.x |
| roundcube / webmail | 0.4.1 | 0.4.1.x |
| roundcube / webmail | 0.9.0 | 0.9.0.x |
| roundcube / webmail | 0.7.1 | 0.7.1.x |
| roundcube / webmail | 0.2 | 0.2.x |
| roundcube / webmail | 0.5.3 | 0.5.3.x |
| roundcube / webmail | 0.2-beta | 0.2-beta.x |
| roundcube / webmail | 0.3.1 | 0.3.1.x |
| roundcube / webmail | 0.9-beta | 0.9-beta.x |
| roundcube / webmail | 0.9-rc | 0.9-rc.x |
| roundcube / webmail | 0.5 | 0.5.x |
| roundcube / webmail | 0.2.1 | 0.2.1.x |
| roundcube / webmail | 0.8.4 | 0.8.4.x |
| roundcube / webmail | 0.3-stable | 0.3-stable.x |
| roundcube / webmail | 0.9.3 | 0.9.3.x |