Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 3.1 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2006-3548
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 up to and including 3.0.10 and 3.1.0 up to and including 3.1.1 allow remote malicious users to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https,...
Horde Horde 3.0.2
Horde Horde 3.0.3
Horde Horde 3.0.9
Horde Horde 3.1
Horde Horde 3.0.4
Horde Horde 3.0.4 Rc1
Horde Horde 3.1.1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.6
Horde Horde 3.0
Horde Horde 3.0.1
Horde Horde 3.0.7
Horde Horde 3.0.8
383
VMScore
CVE-2006-4255
Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 prior to 4.1.3 allows remote malicious users to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP...
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.6
Horde Imp 2.2
Horde Imp 2.2.1
Horde Imp 2.2.8
Horde Imp 2.3
Horde Imp 3.2.4
Horde Imp 3.2.5
Horde Horde 3.0.1
Horde Horde 3.0.2
Horde Horde 3.0.9
Horde Horde 3.1
Horde Horde 3.0
Horde Horde 3.0.7
Horde Horde 3.0.8
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 3.0
Horde Imp 3.1
Horde Horde 3.0.3
Horde Horde 3.0.4
605
VMScore
CVE-2004-0584
Unknown vulnerability in Horde IMP 3.2.3 and previous versions, before a "security fix," does not properly validate input, which allows remote malicious users to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross...
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.2
Horde Imp 3.2.3
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2
Horde Imp 3.2.1
383
VMScore
CVE-2004-1443
Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and previous versions, when used with Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via an e-mail message.
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.2
Horde Imp 3.2.3
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2
Horde Imp 3.2.1
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 3.2.4
435
VMScore
CVE-2009-2360
Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module prior to 3.1.1 for Horde allows remote malicious users to inject arbitrary web script or HTML via the backend parameter.
Horde Passwd
Horde Passwd 2.2.1
Horde Passwd 2.2.2
Horde Passwd 2.2
Horde Passwd 2.1
Horde Passwd 2.0
1 EDB exploit
435
VMScore
CVE-2005-4080
Horde IMP 4.0.4 and previous versions does not sanitize strings containing UTF16 null characters, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer,...
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.2
Horde Imp 3.2.3
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 4.0
Horde Imp 4.0.1
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2
Horde Imp 3.2.1
Horde Imp 4.0.2
Horde Imp 4.0.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
1 EDB exploit
685
VMScore
CVE-2007-1474
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.3
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2.1
Horde Imp 3.2.2
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.3
Horde Imp 3.2.4
Horde Horde Application Framework 3.0.0
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1.2
Horde Imp 3.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 3.1
1 EDB exploit
755
VMScore
CVE-2006-1491
Eval injection vulnerability in Horde Application Framework versions 3.0 prior to 3.0.10 and 3.1 prior to 3.1.1 allows remote malicious users to execute arbitrary code via the help viewer.
Horde Application Framework 3.0.4 Rc2
Horde Application Framework 3.0.6
Horde Application Framework 3.0.4
Horde Application Framework 3.0.4 Rc1
Horde Application Framework 3.0
Horde Application Framework 3.0.1
Horde Application Framework 3.0.7
Horde Application Framework 3.0.8
Horde Application Framework 3.0.2
Horde Application Framework 3.0.3
Horde Application Framework 3.0.9
Horde Application Framework 3.1
1 EDB exploit
445
VMScore
CVE-2010-0463
Horde IMP 4.3.6 and previous versions does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote malicious users to determine the network location of the webmail user by logging DNS requests.
Horde Imp 2.2.6
Horde Imp 2.2.7
Horde Imp 4.0.1
Horde Imp 4.0
Horde Imp 3.2.2
Horde Imp 3.2.1
Horde Imp 4.2.1
Horde Imp 4.2.2
Horde Imp
Horde Imp 3.2.7
Horde Imp 4.0.2
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 3.0
Horde Imp 4.1.5
Horde Imp 4.3.2
Horde Imp 4.3.3
Horde Imp 2.2.4
383
VMScore
CVE-2006-4256
index.php in Horde Application Framework prior to 3.1.2 allows remote malicious users to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to thi...
Horde Application Framework 3.0
Horde Application Framework 3.0.1
Horde Application Framework 3.0.7
Horde Application Framework 3.0.8
Horde Application Framework 3.0.4 Rc2
Horde Application Framework 3.0.6
Horde Application Framework 3.0.4
Horde Application Framework 3.0.4 Rc1
Horde Application Framework 3.1.1
Horde Application Framework 3.0.2
Horde Application Framework 3.0.3
Horde Application Framework 3.0.9
Horde Application Framework 3.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »