CVE-2002-1131

EXPLOITED NUCLEI

SquirrelMail < 1.2.7 - Cross-Site Scripting via addressbook.php, options.php, search.php, or help.php


Exploitation Summary

CVE-2002-1131 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including DarC KonQuest. A Nuclei detection template is also available.

AI-analyzed exploit summary: The exploit demonstrates multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.2.7 by crafting malicious URLs that inject JavaScript code into various PHP scripts. The PoC includes examples for scripts like addressbook.php, options.php, search.php, and help.php.

Description

Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allow remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by DarC KonQuest · text · webapps · php
https://www.exploit-db.com/exploits/21811


Classification: Working PoC 100%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: SquirrelMail 1.2.7
No auth needed
Prerequisites: Access to a vulnerable SquirrelMail instance · Victim interaction to click malicious links
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
HIGH · by dhiyaneshDk, s4e-io
Shodan: http.title:"squirrelmail" || cpe:"cpe:2.3:a:squirrelmail:squirrelmail"
FOFA: title="squirrelmail"

References (6)

Core References
Vendor Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10145.php
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5763
Exploit, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2002/dsa-191
Patch, Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2002-204.html

Scores

EPSS 0.0390
EPSS Percentile 88.6%

Details

VulnCheck KEV 2025-06-07
Status published
Products (1)
squirrelmail/squirrelmail < 1.2.7
Published Oct 04, 2002
Tracked Since Feb 18, 2026