Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian horde vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0932
Directory traversal vulnerability in framework/Image/Image.php in Horde prior to 3.2.4 and 3.3.3 and Horde Groupware prior to 1.1.5 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
Debian Horde 3.3.2
Debian Horde 3.2
Debian Horde Groupware 1.1.3
Debian Horde 3.2.2
Debian Horde Groupware 1.1.1
Debian Horde 3.3.1
Debian Horde 3.2.3
Debian Horde 3.3
Debian Horde Groupware 1.1.2
Debian Horde Groupware 1.1.4
1 EDB exploit
2 Github repositories
NA
CVE-2009-0931
Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde prior to 3.2.4 and 3.3.3, and Horde Groupware prior to 1.1.5, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Debian Horde
Debian Horde Groupware
Debian Horde 3.2.2
Debian Horde 3.2.3
Debian Horde 3.3
NA
CVE-2015-7984
Multiple cross-site request forgery (CSRF) vulnerabilities in Horde prior to 5.2.8, Horde Groupware prior to 5.2.11, and Horde Groupware Webmail Edition prior to 5.2.11 allow remote malicious users to hijack the authentication of administrators for requests that execute arbitrary...
Horde Horde Application Framework
Horde Groupware
Debian Debian Linux 8.0
1 EDB exploit
6.5
CVSSv3
CVE-2020-8866
This vulnerability allows remote malicious users to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of pr...
Horde Groupware 5.2.22
Horde Horde Form
Debian Debian Linux 8.0
2 EDB exploits
NA
CVE-2009-0930
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 4.2.2 and 4.3.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
Debian Horde Imp 4.0
Debian Horde Imp
5.4
CVSSv3
CVE-2022-26874
lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer prior to 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
Horde Horde Mime Viewer
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.1
CVSSv3
CVE-2016-2228
Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary web script or HTML via the searchfield parameter, as demon...
Debian Debian Linux 8.0
Horde Horde Groupware
Horde Groupware
Fedoraproject Fedora 22
Fedoraproject Fedora 23
8.8
CVSSv3
CVE-2019-9858
Remote code execution exists in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload...
Horde Groupware 5.2.17
Horde Groupware 5.2.22
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8
CVSSv3
CVE-2022-30287
Horde Groupware Webmail Edition up to and including 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.
Horde Groupware
Debian Debian Linux 10.0
NA
CVE-2008-3330
Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote malicious users to inject arbitrary web script or HTML via the contact name.
Debian Turba 2.2
Debian Horde 3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »