The PHP-based webmail package SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the system.
Dawid Golunski, a researcher with Legal Hackers discovered the vulnerability and reported it to the project’s maintainers in January. The researcher has previously uncovered similar remote code execution issues in the email libraries PHPMailer and SwiftMailer.
Leave a reply
