Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 1.2.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1317
Cross-site scripting (XSS) vulnerability in Horde Chora module prior to 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Chora 1.2.2
Horde Chora 1.2
Horde Chora
NA
CVE-2009-3237
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 prior to 3.2.5 and 3.3 prior to 3.3.5; Groupware 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; and Groupware Webmail Edition 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; allow remote malicious users...
Horde Horde Groupware 1.2.3
Horde Horde Application Framework 3.2.3
Horde Horde Groupware 1.1.3
Horde Horde Groupware 1.1.4
Horde Horde Application Framework 3.2
Horde Horde Groupware 1.1.2
Horde Horde Application Framework 3.3
Horde Horde Groupware 1.2
Horde Horde Groupware 1.2.1
Horde Horde Application Framework 3.3.2
Horde Horde Groupware 1.1.1
Horde Horde Application Framework 3.3.4
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.3.1
Horde Horde Application Framework 3.2.2
Horde Horde Groupware 1.1.5
Horde Horde Application Framework 3.2.4
Horde Horde Application Framework 3.3.3
Horde Horde Groupware 1.2.2
Horde Groupware 1.1
Horde Groupware 1.2.2
Horde Groupware 1.2.1
NA
CVE-2005-1315
Cross-site scripting (XSS) vulnerability in Horde Turba module prior to 1.2.5 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Turba 1.2.1 Rc1
Horde Turba 1.2
Horde Turba 1.2.4
Horde Turba 1.2.3 Rc1
Horde Turba 1.2.3
Horde Turba 1.2.1
Horde Turba 1.2.2
NA
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.8
Horde Horde 3.0.9
1 EDB exploit
NA
CVE-2005-3759
Multiple cross-site scripting (XSS) vulnerabilities in Horde prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
NA
CVE-2009-3236
The form library in Horde Application Framework 3.2 prior to 3.2.5 and 3.3 prior to 3.3.5; Groupware 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; and Groupware Webmail Edition 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; reuses temporary filenames during the upload process which allo...
Horde Groupware 1.1
Horde Application Framework 3.2.4
Horde Groupware 1.2.2
Horde Groupware 1.1.5
Horde Application Framework 3.2.1
Horde Application Framework 3.3.2
Horde Groupware 1.2.1
Horde Application Framework 3.2.2
Horde Groupware 1.1.1
Horde Application Framework 3.3.3
Horde Groupware 1.1.3
Horde Application Framework 3.3.4
Horde Application Framework 3.2.3
Horde Application Framework 3.3.1
Horde Application Framework 3.2
Horde Groupware 1.2
Horde Groupware 1.1.4
Horde Application Framework 3.3
Horde Groupware 1.1.2
Horde Groupware 1.2.3
NA
CVE-2010-3693
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) prior to 1.1.5, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via vectors related to displaying mailbox names.
Horde Groupware 1.1
Horde Groupware 1.0
Horde Groupware 1.2.2
Horde Groupware 1.1.5
Horde Groupware 1.2.1
Horde Groupware 1.0.2
Horde Groupware 1.0.1
Horde Groupware 1.0.5
Horde Groupware 1.1.1
Horde Groupware 1.0.3
Horde Groupware 1.1.3
Horde Groupware 1.0.4
Horde Groupware 1.2
Horde Groupware 1.1.4
Horde Groupware 1.1.2
Horde Groupware 1.2.3
Horde Groupware 1.0.6
Horde Groupware 1.0.7
Horde Groupware 1.0.8
Horde Groupware 1.1.6
Horde Groupware 1.2.4
Horde Groupware 1.2.5
NA
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 2.0
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.2
Horde Horde Application Framework 2.2.9
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 1.2.1
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 2.2.6
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 3.0.8
1 EDB exploit
NA
CVE-2005-4190
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework prior to 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and (3) Label search fields, (4)...
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.0.3 4
Horde Horde Application Framework 1.0.2 1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 1.0.3 3
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 1.0.10
Horde Horde Application Framework 2.2.9
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 1.2.1
Horde Horde Application Framework 1.0.9
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 2.2.6
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.0.0
Horde Horde Application Framework 1.2.7
NA
CVE-2008-6746
Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 prior to 2.2.1 allows remote malicious users to inject arbitrary web script or HTML via the contact name.
Horde Turba H3 0.0.2
Horde Turba H3 2.0
Horde Turba H3 2.0.2
Horde Turba H3 2.2
Horde Turba H3 1.2.5
Horde Turba H3 2.0.1
Horde Turba H3 1.2.2
Horde Turba H3 2.1.1
Horde Turba H3 2.1.4
Horde Turba H3 0.0.1
Horde Turba H3 2.1
Horde Turba H3 2.1.5
Horde Turba H3 1.1
Horde Turba H3 1.2
Horde Turba H3 2.0.5
Horde Turba H3 2.1.6
Horde Turba H3 1.0
Horde Turba H3 2.1.7
Horde Turba H3 2.1.2
Horde Turba H3 1.2.4
Horde Turba H3 1.2.3
Horde Turba H3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »