Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 2.2.1 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2005-3570
Unspecified cross-site scripting (XSS) vulnerability in Horde prior to 2.2.9 allows remote malicious users to inject arbitrary web script or HTML via "not properly escaped error messages".
Horde Horde 2.2.7
Horde Horde 2.2.3
Horde Horde 2.2.1
Horde Horde 2.2.4
Horde Horde 2.2.8
Horde Horde 2.2.6
Horde Horde 2.2.4 Rc1
Horde Horde 2.2
Horde Horde 2.2.5
435
VMScore
CVE-2009-2360
Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module prior to 3.1.1 for Horde allows remote malicious users to inject arbitrary web script or HTML via the backend parameter.
Horde Passwd 2.1
Horde Passwd 2.2
Horde Passwd 2.0
Horde Passwd
Horde Passwd 2.2.2
Horde Passwd 2.2.1
1 EDB exploit
187
VMScore
CVE-2001-0744
Horde IMP 2.2.4 and previous versions allows local users to overwrite files via a symlink attack on a temporary file.
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.0
Horde Imp
Horde Imp 2.2
Horde Imp 2.2.3
383
VMScore
CVE-2005-1313
Cross-site scripting (XSS) vulnerability in Horde Passwd module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Passwd 2.1
Horde Passwd 2.2
Horde Passwd 2.0
Horde Passwd 2.2.1
383
VMScore
CVE-2005-1321
Cross-site scripting (XSS) vulnerability in Horde Vacation module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Vaction 1.0a
Horde Vaction 2.2.1
Horde Vaction 2.2
Horde Vaction 2.1
320
VMScore
CVE-2001-1258
Horde Internet Messaging Program (IMP) prior to 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Horde Imp 2.2.5
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.3
668
VMScore
CVE-2001-1257
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) prior to 2.2.6 and 1.2.6 allows remote malicious users to execute arbitrary Javascript embedded in an email.
Horde Imp 2.2.5
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.3
383
VMScore
CVE-2005-1318
Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Forwards 2.2.1
Horde Forwards 2.1
Horde Forwards 2.2
668
VMScore
CVE-2003-0025
Multiple SQL injection vulnerabilities in IMP 2.2.8 and previous versions allow remote malicious users to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.2.6
Horde Imp 2.2
Horde Imp 2.2.8
Horde Imp 2.2.3
505
VMScore
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.8
Horde Horde 3.0.9
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »