CVE-2004-0519

NUCLEI

SquirrelMail 1.4.2 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Alvin Alex · textwebappsphp
https://www.exploit-db.com/exploits/24068

Nuclei Templates (1)

SquirrelMail 1.4.x - Folder Name Cross-Site Scripting
MEDIUMby dhiyaneshDk

References (18)

Scores

EPSS 0.0019
EPSS Percentile 40.6%

Details

Status published
Products (18)
sgi/propack 3.0
squirrelmail/squirrelmail 1.0.4
squirrelmail/squirrelmail 1.0.5
squirrelmail/squirrelmail 1.2.0
squirrelmail/squirrelmail 1.2.1
squirrelmail/squirrelmail 1.2.2
squirrelmail/squirrelmail 1.2.3
squirrelmail/squirrelmail 1.2.4
squirrelmail/squirrelmail 1.2.5
squirrelmail/squirrelmail 1.2.6
... and 8 more
Published Aug 18, 2004
Tracked Since Feb 18, 2026