Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde groupware 5.2.17 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-9858
Remote code execution exists in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload...
Horde Groupware 5.2.17
Horde Groupware 5.2.22
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-7414
In Horde_Crypt prior to 2.7.6, as used in Horde Groupware Webmail Edition 5.x up to and including 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically veri...
Horde Groupware 5.1.0
Horde Groupware 5.2.1
Horde Groupware 5.2.2
Horde Groupware 5.0.0
Horde Groupware 5.0.4
Horde Groupware 5.0.5
Horde Groupware 5.1.5
Horde Groupware 5.2.0
Horde Groupware 5.2.7
Horde Groupware 5.0.2
Horde Groupware 5.0.3
Horde Groupware 5.1.3
Horde Groupware 5.1.4
Horde Groupware 5.2.5
Horde Groupware 5.2.6
Horde Groupware 5.0.1
Horde Groupware 5.1.1
Horde Groupware 5.1.2
Horde Groupware 5.2.3
Horde Groupware 5.2.4
8.8
CVSSv3
CVE-2017-7413
In Horde_Crypt prior to 2.7.6, as used in Horde Groupware Webmail Edition up to and including 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed t...
Horde Groupware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started