Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3663.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SquirrelMail 授权问题漏洞
Vulnerability Description
SquirrelMail是一套使用PHP语言开发的、跨平台的Webmail邮件系统。 SquirrelMail 1.4.8版本存在授权问题漏洞。攻击者利用该漏洞可以访问其他用户的文件夹列表和配置数据。
CVSS Information
N/A
Vulnerability Type
N/A