Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 2.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-4242
Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the address book and (2) contact data.
Horde Turba H3 2.0.1
Horde Turba H3 2.0.2
Horde Turba H3 2.0
Horde Turba H3 2.0.3
Horde Turba H3
6.8
CVSSv2
CVE-2007-1474
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames.
Horde Horde Application Framework 3.0.4
Horde Horde Application Framework 3.1.3
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2.1
Horde Imp 3.2.2
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.3
Horde Imp 3.2.4
Horde Horde Application Framework 3.0.0
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1.2
Horde Imp 3.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
Horde Imp 3.0
Horde Imp 3.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-4080
Horde IMP 4.0.4 and previous versions does not sanitize strings containing UTF16 null characters, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer,...
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 3.2.2
Horde Imp 3.2.3
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 3.1
Horde Imp 3.1.2
Horde Imp 4.0
Horde Imp 4.0.1
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 3.2
Horde Imp 3.2.1
Horde Imp 4.0.2
Horde Imp 4.0.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.3
1 EDB exploit
5
CVSSv2
CVE-2000-0911
IMP 2.2 and previous versions allows malicious users to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.
Horde Imp 2.0
Horde Imp 2.2
5
CVSSv2
CVE-2010-0463
Horde IMP 4.3.6 and previous versions does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote malicious users to determine the network location of the webmail user by logging DNS requests.
Horde Imp 2.2.6
Horde Imp 2.2.7
Horde Imp 4.0.1
Horde Imp 4.0
Horde Imp 3.2.2
Horde Imp 3.2.1
Horde Imp 4.2.1
Horde Imp 4.2.2
Horde Imp
Horde Imp 3.2.7
Horde Imp 4.0.2
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 3.0
Horde Imp 4.1.5
Horde Imp 4.3.2
Horde Imp 4.3.3
Horde Imp 2.2.4
4.3
CVSSv2
CVE-2004-2741
Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote malicious users to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.
Horde Application Framework 2.2
Horde Application Framework 2.2.1
Horde Application Framework 2.1
Horde Application Framework 2.1.3
Horde Application Framework 2.2.6
Horde Application Framework 2.2.3
Horde Application Framework 2.2.4
Horde Application Framework 2.0
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.2.5
3.5
CVSSv2
CVE-2005-4190
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework prior to 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and (3) Label search fields, (4)...
Horde Horde Application Framework 1.0.2 1
Horde Horde Application Framework 1.0.3 2
Horde Horde Application Framework 1.0.9
Horde Horde Application Framework 1.2.1
Horde Horde Application Framework 1.2.8
Horde Horde Application Framework 1.3.4
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 1.0.0
Horde Horde Application Framework 1.0.10
Horde Horde Application Framework 1.0.11
Horde Horde Application Framework 1.0.2
Horde Horde Application Framework 1.2.2
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 1.2.5
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 2.2.7
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 2.2.9
4.3
CVSSv2
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.5
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 2.2.1
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.2
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2
1 EDB exploit
3.5
CVSSv2
CVE-2005-4189
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 prior to 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category a...
Horde Kronolith H3 2.0.2
Horde Kronolith H3 2.0.2 Rc1
Horde Kronolith H3 2.0 Beta
Horde Kronolith H3 2.0 Rc1
Horde Kronolith H3 2.0
Horde Kronolith H3 2.0.1
Horde Kronolith H3 2.0.5
Horde Kronolith H3 2.0 Alpha
Horde Kronolith H3 2.0.3
Horde Kronolith H3 2.0.3 Rc1
Horde Kronolith H3 2.0 Rc2
Horde Kronolith H3 2.0 Rc3
Horde Kronolith H3 2.0.4
Horde Kronolith H3 2.0.4 Rc1
6.8
CVSSv2
CVE-2010-3694
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework prior to 3.3.9 allows remote malicious users to hijack the authentication of unspecified victims for requests to a preference form.
Horde Horde Application Framework 1.0.3
Horde Horde Application Framework 1.1.1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2.7
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.1.3
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.2.3
Horde Horde Application Framework 3.3.5
Horde Horde Application Framework 3.3.6
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 1.3.4
Horde Horde Application Framework 2.2
Horde Horde Application Framework 2.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »