CVE-2006-0188
Published Feb 24, 2006
Last updated 7 years ago
Overview
- Description
- webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "026730B8-3919-4100-8607-C640ADBDD662"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79E6734C-EE1C-40B6-9759-15298707A6F5"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6733B8C-5A9E-45CE-8938-F39A69EB0DC1"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B08E51F1-3764-4146-89C1-20B9B8EE1222"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD4071B2-3D4F-4755-98B1-E28CEB05EA8B"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF6591E5-5F36-4663-85A6-9D870FD49FC7"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D062B70A-E5FF-403B-8BD1-777D6462B7CC"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D4CFD4D-EAC3-4325-A87F-9D5F4C513208"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7ED3CC3-E0A8-4C20-9EF7-405CD32E9EF7"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "442BF5C9-DC58-4A94-A634-33D6A4F3C6DD"
}
],
"operator": "OR"
}
]
}
]