Squirrelmail

Gpg Plugin

7 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.62%
  • Veröffentlicht 15.07.2007 22:30:00
  • Zuletzt bearbeitet 16.06.2026 22:28:32

Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg...

  • EPSS 2.67%
  • Veröffentlicht 15.07.2007 22:30:00
  • Zuletzt bearbeitet 16.06.2026 22:42:42

The G/PGP (GPG) Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpg_check_sign_pgp_mime function in gpg_hook_functions.p...

  • EPSS 1.19%
  • Veröffentlicht 15.07.2007 22:30:00
  • Zuletzt bearbeitet 16.06.2026 22:42:42

PHP local file inclusion vulnerability in gpg_pop_init.php in the G/PGP (GPG) Plugin before 20070707 for Squirrelmail allows remote attackers to include and execute arbitrary local files, related to the MOD parameter.

  • EPSS 1.62%
  • Veröffentlicht 10.07.2007 00:30:00
  • Zuletzt bearbeitet 16.06.2026 22:42:25

Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpg_sign_attachment function,...

  • EPSS 0.26%
  • Veröffentlicht 10.07.2007 00:30:00
  • Zuletzt bearbeitet 16.06.2026 22:42:25

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-...

  • EPSS 3.08%
  • Veröffentlicht 10.07.2007 00:30:00
  • Zuletzt bearbeitet 16.06.2026 22:42:25

Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher.

  • EPSS 10.26%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:55

The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.ph...