Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 2.2.6 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-3570
Unspecified cross-site scripting (XSS) vulnerability in Horde prior to 2.2.9 allows remote malicious users to inject arbitrary web script or HTML via "not properly escaped error messages".
Horde Horde 2.2.7
Horde Horde 2.2.3
Horde Horde 2.2.1
Horde Horde 2.2.4
Horde Horde 2.2.8
Horde Horde 2.2.6
Horde Horde 2.2.4 Rc1
Horde Horde 2.2
Horde Horde 2.2.5
7.5
CVSSv2
CVE-2003-0025
Multiple SQL injection vulnerabilities in IMP 2.2.8 and previous versions allow remote malicious users to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.2.6
Horde Imp 2.2
Horde Imp 2.2.8
Horde Imp 2.2.3
5
CVSSv2
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.8
Horde Horde 3.0.9
1 EDB exploit
5.8
CVSSv2
CVE-2005-3759
Multiple cross-site scripting (XSS) vulnerabilities in Horde prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
6.8
CVSSv2
CVE-2004-0584
Unknown vulnerability in Horde IMP 3.2.3 and previous versions, before a "security fix," does not properly validate input, which allows remote malicious users to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross...
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 2.2.1
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Imp 2.2.6
Horde Imp 3.2.3
Horde Imp 2.2
Horde Imp 2.3
Horde Imp 3.2
Horde Imp 2.2.8
Horde Imp 2.2.3
Horde Imp 3.0
Horde Imp 3.2.1
4.3
CVSSv2
CVE-2004-1443
Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and previous versions, when used with Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via an e-mail message.
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 3.1
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 2.2.1
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Imp 2.2.6
Horde Imp 3.2.3
Horde Imp 2.2
Horde Imp 2.3
Horde Imp 3.2
Horde Imp 2.2.8
Horde Imp 2.2.3
Horde Imp 3.0
Horde Imp 3.2.1
4.3
CVSSv2
CVE-2004-2741
Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote malicious users to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.
Horde Application Framework 2.1
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.0
Horde Application Framework 2.2
Horde Application Framework 2.2.3
Horde Application Framework 2.2.1
Horde Application Framework 2.2.6
Horde Application Framework 2.1.3
Horde Application Framework 2.2.5
Horde Application Framework 2.2.4
4.3
CVSSv2
CVE-2005-4080
Horde IMP 4.0.4 and previous versions does not sanitize strings containing UTF16 null characters, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer,...
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 4.0
Horde Imp 3.1
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 2.2.1
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 4.0.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Imp 2.2.6
Horde Imp 3.2.3
Horde Imp 3.2.5
Horde Imp 4.0.3
Horde Imp 2.2
Horde Imp 2.3
Horde Imp 3.2
Horde Imp 4.0.1
Horde Imp 2.2.8
Horde Imp 2.2.3
1 EDB exploit
6.8
CVSSv2
CVE-2007-1474
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Horde Application Framework 3.0.0
Horde Imp 3.1
Horde Horde Application Framework 3.0.4
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 2.2.1
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Imp 2.2.6
Horde Imp 3.2.3
Horde Imp 3.2.5
Horde Imp 3.2.6
Horde Imp 2.2
Horde Imp 2.3
Horde Imp 3.2
Horde Imp 2.2.8
Horde Imp 2.2.3
Horde Horde Application Framework 3.1.3
1 EDB exploit
4.3
CVSSv2
CVE-2006-4255
Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 prior to 4.1.3 allows remote malicious users to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP...
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 4.0
Horde Horde 3.0.6
Horde Imp 3.1
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 2.2.1
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 4.0.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Horde 3.0
Horde Horde 3.0.3
Horde Horde 3.1.1
Horde Horde 3.0.4
Horde Imp 2.2.6
Horde Horde 3.1
Horde Horde 3.0.1
Horde Imp 3.2.3
Horde Horde 3.0.4 Rc2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »