Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde groupware 5.2.17 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-9858
Remote code execution exists in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload...
Horde Groupware 5.2.17
Horde Groupware 5.2.22
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.1
CVSSv2
CVE-2017-7414
In Horde_Crypt prior to 2.7.6, as used in Horde Groupware Webmail Edition 5.x up to and including 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically veri...
Horde Groupware 5.1.0
Horde Groupware 5.2.1
Horde Groupware 5.2.2
Horde Groupware 5.0.0
Horde Groupware 5.0.4
Horde Groupware 5.0.5
Horde Groupware 5.1.5
Horde Groupware 5.2.0
Horde Groupware 5.2.7
Horde Groupware 5.0.2
Horde Groupware 5.0.3
Horde Groupware 5.1.3
Horde Groupware 5.1.4
Horde Groupware 5.2.5
Horde Groupware 5.2.6
Horde Groupware 5.0.1
Horde Groupware 5.1.1
Horde Groupware 5.1.2
Horde Groupware 5.2.3
Horde Groupware 5.2.4
9
CVSSv2
CVE-2017-7413
In Horde_Crypt prior to 2.7.6, as used in Horde Groupware Webmail Edition up to and including 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed t...
Horde Groupware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started