CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-14932

compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://www.openwall.com/lists/oss-security/2020/06/20/1
https://www.openwall.com/lists/oss-security/2020/06/20/1

Products affected by CVE-2020-14932

Squirrelmail » Squirrelmail » Version: 1.4.22

cpe:2.3:a:squirrelmail:squirrelmail:1.4.22

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14932

Products

Pricing

Contact Us