Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1) functions/mailbox_display.php, (2) src/addrbook_search_html.php, (3) src/addressbook.php, (4) src/compose.php, (5) src/folders.php, (6) src/folders_create.php, (7) src/folders_delete.php, (8) src/folders_rename_do.php, (9) src/folders_rename_getname.php, (10) src/folders_subscribe.php, (11) src/move_messages.php, (12) src/options.php, (13) src/options_highlight.php, (14) src/options_identities.php, (15) src/options_order.php, (16) src/search.php, and (17) src/vcard.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SquirrelMail多个表单跨站请求伪造漏洞
Vulnerability Description
SquirrelMail是一款PHP编写的WEBMAIL程序。 SquirrelMail没有正确地过滤用户向多个表单(发送消息、更改偏好等)所提交的内容,远程攻击者可以通过跨站请求伪造攻击执行删除邮件、发送邮件等操作。以下是受影响的页面:functions/mailbox_display.php,src/addrbook_search_html.php,src/addressbook.php,src/compose.php,src/folders.php,src/folders_create.php,sr
CVSS Information
N/A
Vulnerability Type
N/A