Vulnerability Details CVE-2002-1650
The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0296.html
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0306.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7990
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0296.html
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0306.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7990
Products affected by CVE-2002-1650
-
cpe:2.3:a:squirrelmail:squirrelmail:1.2.2