📦 Webmail
by Roundcube
🔍 What is Webmail?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2025-49113 is a critical remote code execution vulnerability in Roundcube Webmail affecting authenticated users. It allows attackers to execute arbitrary PHP code on the server by exploiting impro...
A Cross-Site Scripting vulnerability in Roundcube webmail allows attackers to steal and send victims' emails via malicious email attachments with dangerous Content-Type headers. This affects Roundcube...
This vulnerability allows remote command injection in Roundcube Webmail on Windows systems through the im_convert_path and im_identify_path parameters. Attackers can execute arbitrary commands on the ...
This SQL injection vulnerability in Roundcube webmail allows attackers to execute arbitrary SQL commands via search or search_params parameters. It affects all Roundcube installations before version 1...
This CVE describes a Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail that allows attackers to inject malicious scripts via the animate tag in SVG documents. When exploited, this can lead...
Roundcube Webmail contains an information disclosure vulnerability in its HTML style sanitizer that could allow attackers to extract sensitive data from email content. This affects all Roundcube insta...
This Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail allows authenticated users to upload malicious files as email attachments. When recipients view these emails in their SENT folder, th...
This Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail allows attackers to inject malicious scripts via SVG animate attributes. When exploited, it enables session hijacking, credential the...