CVE-2006-2842
Published 2006-06-06
Priority: P349 · high · CVSS 2.0 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit available: yes
EPSS: 46.56% (98.7th percentile)
PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable.
Affected
27 ranges (25 shown; only the first carries version data, the remaining rows list no version range or fix)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| squirrelmail | squirrelmail | <= 1.4.6 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 7.5 | HIGH | — |
Red Hat
security flaw
vendor_redhat · 2006-06-01 · CVSS 7.5 · [HIGH]
Description: identical to the CVE text above.
GHSA
GHSA-h9qp-9p74-vrxm: ** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php
ghsa_unreviewed · 2022-05-03 · [HIGH]
Description: the CVE text above, prefixed ** DISPUTED **.
No detection rules found.
Exploit-DB
Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion
exploitdb · 2006-06-02
---
source: https://www.securityfocus.com/bid/18231/info
SquirrelMail is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
A successful exploit may allow unauthorized users to view files and to execute local scripts; other attacks are also possible.
http://www.example.com/[squirrelmail dir]/src/redirect.php?plugins[]=../../../../etc/passwd%00
Nuclei
Squirrelmail <=1.4.6 - Local File Inclusion
nuclei · CVSS 7.5 · [HIGH]
SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
Template:
```yaml
id: CVE-2006-2842
info:
  name: Squirrelmail <=1.4.6 - Local File Inclusion
  author: dhiyaneshDk
  severity: high
  description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
  impact: |
    An attacker can exploit this v
```
Bugzilla
CVE-2006-2842 security flaw
bugzilla · 2018-08-16 · CVSS 7.5 · [HIGH]
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a se
Bugzilla
CVE-2006-2842 Squirrelmail file inclusion
bugzilla · 2006-06-06 · CVSS 7.5 · [HIGH]
+++ This bug was initially created as a clone of Bug #194283 +++
Squirrelmail file inclusion
A PHP file inclusion error was found in squirrelmail. If register_globals is enabled and magic_quotes_gpc is disabled, it becomes possible for an unauthenticated remote attacker to view arbitrary file contents.
This configuration is not default nor safe.
http://marc.theaimsgroup.com/?l=bugtraq&m=114920246410100&w=2
This issue also affects RHEL3.
Discussion:
There is an upstream patch here:
http://www.squirrelmail.org/security/issue/2006-06-01
Bugzilla
CVE-2006-2842 Squirrelmail file inclusion
bugzilla · 2006-06-06 · CVSS 7.5 · [HIGH]
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You ma
References
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://docs.info.apple.com/article.html?artnum=306172
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
http://secunia.com/advisories/20406
http://secunia.com/advisories/20931
http://secunia.com/advisories/21159
http://secunia.com/advisories/21262
http://secunia.com/advisories/26235
http://securitytracker.com/id?1016209
http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
http://www.mandriva.com/security/advisories?name=MDKSA-2006:101
http://www.novell.com/linux/security/advisories/2006_17_sr.html
http://www.redhat.com/support/errata/RHSA-2006-0547.html
http://www.securityfocus.com/archive/1/435605/100/0/threaded
http://www.securityfocus.com/bid/18231
http://www.securityfocus.com/bid/25159
http://www.squirrelmail.org/security/issue/2006-06-01
http://www.vupen.com/english/advisories/2006/2101
http://www.vupen.com/english/advisories/2007/2732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11670