Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 3.0.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2195
Cross-site scripting (XSS) vulnerability in horde 3 (horde3) prior to 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.
Horde Horde 3.0.6
Horde Horde 3.0
Horde Horde 3.0.3
Horde Horde
Horde Horde 3.0.4
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.8
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.7
NA
CVE-2006-3548
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 up to and including 3.0.10 and 3.1.0 up to and including 3.1.1 allow remote malicious users to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https,...
Horde Horde 3.0.6
Horde Horde 3.0
Horde Horde 3.0.3
Horde Horde 3.1.1
Horde Horde 3.0.4
Horde Horde 3.1
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.8
Horde Horde 3.0.9
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.7
NA
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.8
Horde Horde 3.0.9
1 EDB exploit
NA
CVE-2005-3759
Multiple cross-site scripting (XSS) vulnerabilities in Horde prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Horde Horde 2.2.7
Horde Horde 3.0.6
Horde Horde 1.2.8
Horde Horde 2.2.3
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 2.2.1
Horde Horde 1.2.6
Horde Horde 3.0
Horde Horde 2.2.4
Horde Horde 3.0.3
Horde Horde 2.0
Horde Horde 3.0.4
Horde Horde 1.2.5
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.3
Horde Horde 2.2.9
Horde Horde 1.2.2
Horde Horde 2.2.8
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
NA
CVE-2006-3549
services/go.php in Horde Application Framework 3.0.0 up to and including 3.0.10 and 3.1.0 up to and including 3.1.1 does not properly restrict its image proxy capability, which allows remote malicious users to perform "Web tunneling" attacks and use the server as a prox...
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.6
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.0.7
Horde Horde Application Framework 3.0.2
NA
CVE-2006-4255
Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 prior to 4.1.3 allows remote malicious users to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder_label form field in the IMP...
Horde Imp 2.2.7
Horde Imp 2.2.5
Horde Imp 4.0
Horde Horde 3.0.6
Horde Imp 3.1
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 2.2.1
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 4.0.2
Horde Imp 2.2.4
Horde Imp 2.0
Horde Horde 3.0
Horde Horde 3.0.3
Horde Horde 3.1.1
Horde Horde 3.0.4
Horde Imp 2.2.6
Horde Horde 3.1
Horde Horde 3.0.1
Horde Imp 3.2.3
Horde Horde 3.0.4 Rc2
NA
CVE-2006-1491
Eval injection vulnerability in Horde Application Framework versions 3.0 prior to 3.0.10 and 3.1 prior to 3.1.1 allows remote malicious users to execute arbitrary code via the help viewer.
Horde Application Framework 3.0.2
Horde Application Framework 3.0.8
Horde Application Framework 3.0
Horde Application Framework 3.0.4 Rc1
Horde Application Framework 3.0.7
Horde Application Framework 3.0.4
Horde Application Framework 3.1
Horde Application Framework 3.0.1
Horde Application Framework 3.0.6
Horde Application Framework 3.0.3
Horde Application Framework 3.0.4 Rc2
Horde Application Framework 3.0.9
1 EDB exploit
NA
CVE-2012-6620
Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks and (2) search views in Horde Kronolith H4 prior to 3.0.17 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Horde Kronolith H4 3.0.5
Horde Kronolith H4 3.0
Horde Kronolith H4 3.0.11
Horde Kronolith H4 3.0.3
Horde Kronolith H4 3.0.8
Horde Kronolith H4 3.0.4
Horde Kronolith H4 3.0.6
Horde Kronolith H4
Horde Kronolith H4 3.0.14
Horde Kronolith H4 3.0.10
Horde Kronolith H4 3.0.15
Horde Kronolith H4 3.0.1
Horde Kronolith H4 3.0.2
Horde Kronolith H4 3.0.9
Horde Kronolith H4 3.0.13
Horde Kronolith H4 3.0.12
Horde Kronolith H4 3.0.7
NA
CVE-2006-4256
index.php in Horde Application Framework prior to 3.1.2 allows remote malicious users to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to thi...
Horde Application Framework 3.0.2
Horde Application Framework 3.0.8
Horde Application Framework 3.0
Horde Application Framework 3.0.4 Rc1
Horde Application Framework 3.0.7
Horde Application Framework 3.0.4
Horde Application Framework 3.1
Horde Application Framework 3.0.1
Horde Application Framework 3.0.6
Horde Application Framework 3.0.3
Horde Application Framework 3.0.4 Rc2
Horde Application Framework 3.1.1
Horde Application Framework 3.0.9
NA
CVE-2012-5566
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 prior to 3.0.17, as used in Horde Groupware Webmail Edition prior to 4.0.8, allow remote malicious users to inject arbitrary web script or HTML via the (1) tasks view or (2) search view...
Horde Kronolith H4 3.0.5
Horde Kronolith H4 3.0
Horde Kronolith H4 3.0.11
Horde Kronolith H4 3.0.3
Horde Kronolith H4 3.0.8
Horde Kronolith H4 3.0.4
Horde Kronolith H4 3.0.6
Horde Kronolith H4
Horde Kronolith H4 3.0.14
Horde Kronolith H4 3.0.10
Horde Kronolith H4 3.0.15
Horde Kronolith H4 3.0.1
Horde Kronolith H4 3.0.2
Horde Kronolith H4 3.0.9
Horde Kronolith H4 3.0.13
Horde Kronolith H4 3.0.12
Horde Kronolith H4 3.0.7
Horde Groupware 4.0
Horde Groupware 4.0.3
Horde Groupware 4.0.2
Horde Groupware 4.0.1
Horde Groupware 4.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »