CVE-2002-0516

SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.

Date published : 2003-04-02

http://www.securityfocus.com/bid/4385

http://archives.neohapsis.com/archives/bugtraq/2002-03/0350.html