Aleksander Machniak

80 exploits, active since Aug 2012
CVE-2021-44025 (MEDIUM)
Roundcube Webmail < 1.3.17 and 1.4.x < 1.4.12 - Cross-Site Scripting via Attachment Filename Extension
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message.
CVSS 6.1
CVE-2021-44026 (CRITICAL)
Roundcube < 1.3.17 and 1.4.x < 1.4.12 - SQL Injection via Search Parameters
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.
CVSS 9.8
CVE-2021-46144 (MEDIUM)
Roundcube < 1.4.13 and 1.5.x < 1.5.2 - Cross-Site Scripting via Crafted CSS Token Sequences
Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.
CVSS 6.1
CVE-2022-24953 (MEDIUM)
Crypt_GPG < 1.6.7 - Argument Injection via GPG Command Options
The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions.
CVSS 5.3
CVE-2023-43770 (MEDIUM)
Roundcube <1.4.14, <1.5.4, <1.6.3 - XSS
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
CVSS 6.1
CVE-2023-5631 (MEDIUM)
Roundcube Webmail < 1.4.15, 1.5.x < 1.5.5, 1.6.x < 1.6.4 - Stored Cross-Site Scripting via SVG in HTML Email
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code.
CVSS 6.1
CVE-2024-37383 (MEDIUM)
Roundcube Webmail < 1.5.7 and 1.6.x < 1.6.7 - Cross-Site Scripting via SVG Animate Attributes
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.
CVSS 6.1
CVE-2025-49113 (CRITICAL)
Roundcube Webmail < 1.5.10 and 1.6.x < 1.6.11 - Authenticated Remote Code Execution via PHP Object Deserialization
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
CVSS 9.9
CVE-2026-26079 (MEDIUM)
Roundcube Webmail <1.5.13 & <1.6.13 - XSS
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets (CSS) injection, e.g., because comments are mishandled.
CVSS 4.7
CVE-2026-35537 (LOW)
Roundcube Webmail <1.5.14 - Deserialization
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsafe deserialization in the redis/memcache session handler may lead to arbitrary file write operations by unauthenticated attackers via crafted session data.
CVSS 3.7
CVE-2026-35538 (LOW)
Roundcube Webmail < 1.5.14, 1.6.0-1.6.14, 1.7-beta-1.7-rc5 - IMAP Injection via Search Command Arguments
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsanitized IMAP SEARCH command arguments could lead to IMAP injection or CSRF bypass during mail search.
CVSS 3.1
CVE-2026-35539 (MEDIUM)
Roundcube Webmail <1.5.14, 1.6.0-1.6.14, 1.7-beta-1.7-rc5 - Stored Cross-Site Scripting via HTML Attachment Preview
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. XSS exists because of insufficient HTML attachment sanitization in preview mode. A victim must preview a text/html attachment.
CVSS 6.1
CVE-2026-35541 (MEDIUM)
Roundcube Webmail <1.5.14 - Auth Bypass
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that allows a password change without knowing the old password.
CVSS 4.2
CVE-2026-35542 (MEDIUM)
Roundcube Webmail <1.5.14, 1.6.0-1.6.14, 1.7-beta-1.7-rc5 - Information Disclosure via Background Attribute Bypass
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass.
CVSS 5.3
CVE-2026-35543 (MEDIUM)
Roundcube Webmail < 1.5.14, 1.6.0-1.6.14, 1.7-beta-1.7-rc5 - Information Disclosure via SVG Animate Attribute Bypass
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via SVG content (with animate attributes) in an e-mail message. This may lead to information disclosure or access-control bypass.
CVSS 5.3
CVE-2026-35544 (MEDIUM)
Roundcube Webmail <1.5.14 - CSS Sanitization Bypass
An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important.
CVSS 5.3
CVE-2026-35545 (MEDIUM)
Roundcube Webmail < 1.5.15, 1.6.0-1.6.15, 1.7-beta-1.7-rc5 - Information Disclosure via SVG Animate Element Bypass
An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke.
CVSS 5.3
CVE-2026-25916 (MEDIUM)
Roundcube Webmail <1.5.13 & <1.6.13 - XSS
Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage.
CVSS 4.3