Roundcube: Security Vulnerabilities, CVEs, Published in 2016 (Code Execution)
steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a crafted e-mail message.
Max CVSS: 7.5
EPSS Score: 0.68%
Published: 2016-12-08
Updated: 2017-07-01
Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. (dot dot) in the _skin parameter to index.php.
Max CVSS: 7.5
EPSS Score: 11.95%
Published: 2016-01-29
Updated: 2018-10-09
2 vulnerabilities found