Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde groupware vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2013-6365
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
Horde Groupware 5.1.2
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Debian Debian Linux 8.0
Debian Debian Linux 10.0
Debian Debian Linux 9.0
605
VMScore
CVE-2019-12095
Horde Trean, as used in Horde Groupware Webmail Edition up to and including 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.
Horde Groupware
383
VMScore
CVE-2019-12094
Horde Groupware Webmail Edition up to and including 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI.
Horde Groupware
690
VMScore
CVE-2019-9858
Remote code execution exists in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload...
Horde Groupware 5.2.17
Horde Groupware 5.2.22
Debian Debian Linux 8.0
Debian Debian Linux 9.0
312
VMScore
CVE-2017-16907
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.
Horde Groupware 5.2.21
Horde Groupware 5.2.19
312
VMScore
CVE-2017-16908
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.
Horde Groupware 5.2.19
312
VMScore
CVE-2017-16906
In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.
Horde Groupware
505
VMScore
CVE-2017-15235
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote malicious users to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
Horde Groupware 5.2.21
1 EDB exploit
605
VMScore
CVE-2017-14650
A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability ...
Horde Horde Image Api 2.0.0
Horde Horde Image Api 2.0.1
Horde Horde Image Api 2.0.9
Horde Horde Image Api 2.1.0
Horde Horde Image Api 2.3.5
Horde Horde Image Api 2.3.6
Horde Horde Image Api 2.5.1
Horde Horde Image Api 2.0.4
Horde Horde Image Api 2.0.5
Horde Horde Image Api 2.3.1
Horde Horde Image Api 2.3.2
Horde Horde Image Api 2.5.0
Horde Horde Image Api 2.0.2
Horde Horde Image Api 2.0.3
Horde Horde Image Api 2.2.0
Horde Horde Image Api 2.3.0
Horde Horde Image Api 2.4.0
Horde Horde Image Api 2.4.1
Horde Horde Image Api 2.0.6
Horde Horde Image Api 2.0.7
Horde Horde Image Api 2.0.8
Horde Horde Image Api 2.3.3
383
VMScore
CVE-2017-9773
Denial of Service was found in Horde_Image 2.x prior to 2.5.0 via a crafted URL to the "Null" image driver.
Horde Horde Image 2.0.0
Horde Horde Image 2.0.6
Horde Horde Image 2.0.2
Horde Horde Image 2.0.1
Horde Horde Image 2.1.0
Horde Horde Image 2.1.1
Horde Horde Image 2.3.7
Horde Horde Image 2.3.5
Horde Horde Image 2.0.4
Horde Horde Image 2.0.5
Horde Horde Image 2.0.9
Horde Horde Image 2.3.0
Horde Horde Image 2.4.2
Horde Horde Image 2.3.6
Horde Horde Image 2.1.10
Horde Horde Image 2.2.0
Horde Horde Image 2.2.1
Horde Horde Image 2.3.3
Horde Horde Image 2.3.4
Horde Horde Image 2.4.0
Horde Horde Image 2.0.3
Horde Horde Image 2.1.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »