CRITICAL9.8CVE-2021-44026⚠ KEVRoundcube Webmail SQL Injection Vulnerability from 0, < 1.3.17, >= 1.4.0, < 1.4.12
CRITICAL9.8CVE-2020-12641⚠ KEVRoundcube Webmail Remote Code Execution Vulnerability >= 1.2.0, < 1.2.10, >= 1.3.0, < 1.3.11, >= 1.4.0, < 1.4.4
from 0, < 1.4.14, >= 1.5.0, < 1.5.4, >= 1.6.0, < 1.6.3
MEDIUM6.1⚠ KEVroundcube - security update
from 0, < 1.2.13, >= 1.3.0, < 1.3.16, >= 1.4.0, < 1.4.10
MEDIUM6.1⚠ KEVRoundcube Webmail Cross-Site Scripting (XSS) Vulnerability
from 0, < 1.3.12, >= 1.4.0, < 1.4.5
MEDIUM5.4⚠ KEVroundcube - security update
from 0, < 1.4.15, >= 1.5.0, < 1.5.5, >= 1.6.0, < 1.6.4
CRITICAL9.8Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_p…
>= 1.2.0, < 1.2.10, >= 1.3.0, < 1.3.11, >= 1.4.0, < 1.4.4
MEDIUM6.5An issue was discovered in Roundcube Webmail before 1.4.4.
from 0, < 1.4.4
MEDIUM6.1roundcube - security update
>= 1.5.0, < 1.5.6, >= 1.6.0, < 1.6.5
MEDIUM6.1roundcube - security update
from 0, < 1.3.17, >= 1.4.0, < 1.4.12
MEDIUM6.1roundcube - security update
from 0, < 1.3.15, >= 1.4.0, < 1.4.8
MEDIUM6.1roundcube - security update
from 0, < 1.2.11, >= 1.3.0, < 1.3.14, >= 1.4.0, < 1.4.7
MEDIUM6.1roundcube - security update
from 0, < 1.3.12, >= 1.4.0, < 1.4.5
MEDIUM6.1roundcube - security update
from 0, < 1.4.4
MEDIUM5.4Cross Site Scripting (XSS) vulnerability in Roundcube Mail <=1.4.4 via smtp config in /installer/test.php.
from 0, < 1.4.4
MEDIUM5.4Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php.
>= 1.4.4, <= 1.4.4
MEDIUM5.4Roundcube before 1.4.11 allows XSS via crafted Cascading Style Sheets (CSS) token sequences during HTML email rendering.
from 0, < 1.4.11