- Jun 9, 2013
- 6,720
The PHP-based webmail package SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the system.
Dawid Golunski, a researcher with Legal Hackers discovered the vulnerability and reported it to the project’s maintainers in January. The researcher has previously uncovered similar remote code execution issues in the email libraries PHPMailer and SwiftMailer.
Developers behind the webmail package have reportedly been informed of the vulnerability but it’s unclear when or if it will be fixed.
Full Article. No Fix for SquirrelMail Remote Code Execution Vulnerability
Dawid Golunski, a researcher with Legal Hackers discovered the vulnerability and reported it to the project’s maintainers in January. The researcher has previously uncovered similar remote code execution issues in the email libraries PHPMailer and SwiftMailer.
Developers behind the webmail package have reportedly been informed of the vulnerability but it’s unclear when or if it will be fixed.
Full Article. No Fix for SquirrelMail Remote Code Execution Vulnerability
