Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde application framework 3.0.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2010-3077
Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework prior to 3.3.9 allows remote malicious users to inject arbitrary web script or HTML via the subdir parameter.
Horde Horde Application Framework 3.0.11
Horde Horde Application Framework 2.0
Horde Horde Application Framework 3.2.3
Horde Horde Application Framework 3.0
Horde Horde Application Framework 3.3.4
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.1
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.0.6
Horde Horde Application Framework 3.1.9
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.1.2
Horde Horde Application Framework 2.2.9
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 1.3.1
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.3.7
1 EDB exploit
NA
CVE-2010-3694
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework prior to 3.3.9 allows remote malicious users to hijack the authentication of unspecified victims for requests to a preference form.
Horde Horde Application Framework 3.0.11
Horde Horde Application Framework 2.0
Horde Horde Application Framework 3.2.3
Horde Horde Application Framework 3.0
Horde Horde Application Framework 3.3.4
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.1
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.0.6
Horde Horde Application Framework 3.1.9
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.1.2
Horde Horde Application Framework 2.2.9
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 1.3.1
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.3.7
NA
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 2.0
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.2
Horde Horde Application Framework 2.2.9
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 1.2.1
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 2.2.6
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 3.0.8
1 EDB exploit
NA
CVE-2006-3549
services/go.php in Horde Application Framework 3.0.0 up to and including 3.0.10 and 3.1.0 up to and including 3.1.1 does not properly restrict its image proxy capability, which allows remote malicious users to perform "Web tunneling" attacks and use the server as a prox...
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.6
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.0.7
Horde Horde Application Framework 3.0.2
NA
CVE-2005-4190
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework prior to 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and (3) Label search fields, (4)...
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.0.3 4
Horde Horde Application Framework 1.0.2 1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 1.0.3 3
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 1.0.10
Horde Horde Application Framework 2.2.9
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 1.2.1
Horde Horde Application Framework 1.0.9
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 2.2.6
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.0.0
Horde Horde Application Framework 1.2.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started