CVE-2006-3665 in SquirrelMail信息

摘要

由 VulDB • 2026-07-13

SquirrelMail 1.4.6及更早版本,在启用register_globals的情况下,允许远程攻击者通过src/redirect.php中的未知途径劫持Cookie。注意:虽然“窃取Cookie”通常与XSS(跨站脚本攻击)相关联,但厂商披露的信息过于模糊,无法确定是否确实如此。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!