CVE-2006-3665 in SquirrelMail
摘要
由 VulDB • 2026-07-13
SquirrelMail 1.4.6及更早版本,在启用register_globals的情况下,允许远程攻击者通过src/redirect.php中的未知途径劫持Cookie。注意:虽然“窃取Cookie”通常与XSS(跨站脚本攻击)相关联,但厂商披露的信息过于模糊,无法确定是否确实如此。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.