VDB

GCVE-110-MAGEIA-2017-121

GCVE-110-MAGEIA-2017-121
Advisory Published
Vulnetix · Advisory published May 1, 2017
Squirrelmail version 1.4.22 (and probably prior) is vulnerable to a remote code execution vulnerability because it fails to sanitize a string before passing it to a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server (CVE-2017-7692).

Affected Products

VendorProductVersionsPlatforms
Mageiaphatch0 (affected), 0.2.7.1-14.1.mga6 (unaffected)
Mageiasquirrelmail0 (affected), 1.4.22-12.2.mga5 (unaffected), 1.4.22-12.2.mga5 (unaffected), 0 (affected)

Browse GCVE Records

72,148 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›