Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0744
Horde IMP 2.2.4 and previous versions allows local users to overwrite files via a symlink attack on a temporary file.
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp
Horde Imp 2.2
Horde Imp 2.0
Horde Imp 2.2.1
NA
CVE-2009-2360
Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module prior to 3.1.1 for Horde allows remote malicious users to inject arbitrary web script or HTML via the backend parameter.
Horde Passwd
Horde Passwd 2.2.1
Horde Passwd 2.2.2
Horde Passwd 2.2
Horde Passwd 2.1
Horde Passwd 2.0
1 EDB exploit
NA
CVE-2005-3759
Multiple cross-site scripting (XSS) vulnerabilities in Horde prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2.1
Horde Horde 2.2.3
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.6
Horde Horde 1.2.7
Horde Horde 2.2.4
Horde Horde 2.2.4 Rc1
Horde Horde 3.0.1
NA
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2.6
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2
Horde Horde 2.2.1
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 1.2.8
Horde Horde 2.0
Horde Horde 2.2.4 Rc1
1 EDB exploit
NA
CVE-2001-1257
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) prior to 2.2.6 and 1.2.6 allows remote malicious users to execute arbitrary Javascript embedded in an email.
Horde Imp 2.0
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2
Horde Imp 2.2.1
NA
CVE-2001-1258
Horde Internet Messaging Program (IMP) prior to 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.5
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.1
Horde Imp 2.2.2
NA
CVE-2005-1313
Cross-site scripting (XSS) vulnerability in Horde Passwd module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Passwd 2.0
Horde Passwd 2.1
Horde Passwd 2.2
Horde Passwd 2.2.1
NA
CVE-2004-1443
Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and previous versions, when used with Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via an e-mail message.
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.2
Horde Imp 3.2.3
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2
Horde Imp 3.2.1
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 3.2.4
NA
CVE-2004-0584
Unknown vulnerability in Horde IMP 3.2.3 and previous versions, before a "security fix," does not properly validate input, which allows remote malicious users to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross...
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.2
Horde Imp 3.2.3
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2
Horde Imp 3.2.1
NA
CVE-2006-4255
Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 prior to 4.1.3 allows remote malicious users to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP...
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.6
Horde Imp 2.2
Horde Imp 2.2.1
Horde Imp 2.2.8
Horde Imp 2.3
Horde Imp 3.2.4
Horde Imp 3.2.5
Horde Horde 3.0.1
Horde Horde 3.0.2
Horde Horde 3.0.9
Horde Horde 3.1
Horde Horde 3.0
Horde Horde 3.0.7
Horde Horde 3.0.8
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 3.0
Horde Imp 3.1
Horde Horde 3.0.3
Horde Horde 3.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »