CVE-2002-0516
SquirrelMail <1.2.5 - Command Injection
Title source: llmDescription
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by pokleyzz sakamaniaka · bashwebappsphp
https://www.exploit-db.com/exploits/21358
References (4)
Scores
EPSS
0.0575
EPSS Percentile
90.5%
Details
Status
published
Products (6)
squirrelmail/squirrelmail
1.2.0
squirrelmail/squirrelmail
1.2.1
squirrelmail/squirrelmail
1.2.2
squirrelmail/squirrelmail
1.2.3
squirrelmail/squirrelmail
1.2.4
squirrelmail/squirrelmail
1.2.5
Published
Aug 12, 2002
Tracked Since
Feb 18, 2026