Squirrelmail · Squirrelmail · CVE-2005-0103
**Name of the Vulnerable Software and Affected Versions**
SquirrelMail versions prior to 1.4.4
**Description**
The issue allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. This is related to a remote file inclusion vulnerability in the webmail.php file.
**Recommendations**
For versions prior to 1.4.4, update to version 1.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the webmail.php file to minimize the risk of exploitation.