Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 2.2.4 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-26874
lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer prior to 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.
Horde Horde Mime Viewer
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2012-0791
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 5.0.18 and Horde Groupware Webmail Edition prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compo...
Horde Imp 2.2.7
Horde Dynamic Imp 1.1
Horde Imp 2.2.5
Horde Imp 4.0
Horde Dynamic Imp 1.1.6
Horde Imp 4.1.3
Horde Dynamic Imp 1.1.1
Horde Dynamic Imp 5.0.4
Horde Imp 4.1.6
Horde Imp 5.0.3
Horde Imp 3.1
Horde Imp 5.0.2
Horde Dynamic Imp 5.0.13
Horde Imp 4.3.6
Horde Dynamic Imp 1.0
Horde Dynamic Imp 5.0.5
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 5.0
Horde Imp 4.3.3
Horde Imp 4.2
Horde Dynamic Imp
4.3
CVSSv2
CVE-2010-4778
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allow remote malicious users to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka ...
Horde Imp 4.0.3
Horde Imp 4.1.6
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 4.2.2
Horde Imp 4.2
Horde Imp 3.2.7
Horde Imp 4.0
Horde Imp 3.2
Horde Imp 3.2.2
Horde Imp 2.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.4
Horde Imp 4.3.6
Horde Imp 2.0
4.3
CVSSv2
CVE-2010-3695
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related t...
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 4.1.5
Horde Imp 4.0.3
Horde Imp 2.2.5
Horde Imp 4.3.5
Horde Imp 4.2.2
Horde Imp 4.3
Horde Imp 4.3.2
Horde Imp 3.2.7
Horde Imp 3.2
Horde Imp 3.1.2
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.0
Horde Imp 4.3.3
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 2.2.8
Horde Imp 3.1
Horde Imp 4.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2010-3077
Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework prior to 3.3.9 allows remote malicious users to inject arbitrary web script or HTML via the subdir parameter.
Horde Horde Application Framework 1.0.3
Horde Horde Application Framework 1.1.1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2.6
Horde Horde Application Framework 2.2.7
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.1.3
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.3.5
Horde Horde Application Framework 3.3.6
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 1.3.2
Horde Horde Application Framework 1.3.5
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.1
1 EDB exploit
6.8
CVSSv2
CVE-2010-3694
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework prior to 3.3.9 allows remote malicious users to hijack the authentication of unspecified victims for requests to a preference form.
Horde Horde Application Framework 1.0.3
Horde Horde Application Framework 1.1.1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2.7
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.1.3
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.2.3
Horde Horde Application Framework 3.3.5
Horde Horde Application Framework 3.3.6
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 1.3.4
Horde Horde Application Framework 2.2
Horde Horde Application Framework 2.2.1
5
CVSSv2
CVE-2010-0463
Horde IMP 4.3.6 and previous versions does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote malicious users to determine the network location of the webmail user by logging DNS requests.
Horde Imp 2.2.6
Horde Imp 2.2.7
Horde Imp 4.0.1
Horde Imp 4.0
Horde Imp 3.2.2
Horde Imp 3.2.1
Horde Imp 4.2.1
Horde Imp 4.2.2
Horde Imp
Horde Imp 3.2.7
Horde Imp 4.0.2
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 3.0
Horde Imp 4.1.5
Horde Imp 4.3.2
Horde Imp 4.3.3
Horde Imp 2.2.4
4.3
CVSSv2
CVE-2009-3701
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework prior to 3.3.6, Horde Groupware prior to 1.2.5, and Horde Groupware Webmail Edition prior to 1.2.5 allow remote malicious users to inject arbitrary web script or HTM...
Horde Application Framework 3.3.4
Horde Application Framework 2.1
Horde Application Framework 2.1.3
Horde Application Framework 3.0.4
Horde Application Framework 3.0
Horde Application Framework 3.0.9
Horde Application Framework 3.2.1
Horde Groupware 1.2.3
Horde Groupware
Horde Groupware 1.0.1
Horde Groupware 1.2
Horde Groupware 1.1.5
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.2.5
Horde Application Framework 2.2.3
Horde Application Framework 3.0.1
Horde Application Framework 2.2.6
Horde Application Framework 2.0
Horde Application Framework 3.0.2
Horde Application Framework 3.0.3
Horde Application Framework 3.1
Horde Application Framework 3.1.1
4 EDB exploits
4.3
CVSSv2
CVE-2009-4363
Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application Framework prior to 3.3.6, Horde Groupware prior to 1.2.5, and Horde Groupware Webmail Edition prior to 1.2.5 does not properly handle data: URIs, which allows remote malicious users to conduct cross-site scripting (XS...
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.2.5
Horde Application Framework 2.2.6
Horde Application Framework 2.0
Horde Application Framework 3.0.7
Horde Application Framework 3.1
Horde Application Framework 3.3.4
Horde Application Framework 2.2.4
Horde Application Framework 2.1
Horde Application Framework 2.2
Horde Application Framework 3.0
Horde Application Framework 3.2.2
Horde Application Framework 3.2.1
Horde Application Framework 3.2
Horde Groupware 1.2.3
Horde Groupware 1.2
Horde Groupware 1.1.2
Horde Application Framework
Horde Application Framework 2.1.3
Horde Application Framework 2.2.1
Horde Application Framework 3.3
Horde Application Framework 3.0.6
4.3
CVSSv2
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.5
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 2.2.1
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.2
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »