Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde imp - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0025
Multiple SQL injection vulnerabilities in IMP 2.2.8 and previous versions allow remote malicious users to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.6
4.3
CVSSv2
CVE-2005-1319
Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client prior to 3.2.8 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Imp 3.2.3
Horde Imp 3.2.4
Horde Imp 3.2.5
Horde Imp 3.2.6
Horde Imp 3.2.7
Horde Imp
Horde Imp 3.2.7 Rc1
3.6
CVSSv2
CVE-2001-1258
Horde Internet Messaging Program (IMP) prior to 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.5
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.1
Horde Imp 2.2.2
7.5
CVSSv2
CVE-2001-1257
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) prior to 2.2.6 and 1.2.6 allows remote malicious users to execute arbitrary Javascript embedded in an email.
Horde Imp 2.0
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2
Horde Imp 2.2.1
2.1
CVSSv2
CVE-2001-0744
Horde IMP 2.2.4 and previous versions allows local users to overwrite files via a symlink attack on a temporary file.
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp
Horde Imp 2.2
Horde Imp 2.0
Horde Imp 2.2.1
4.3
CVSSv2
CVE-2012-0791
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 5.0.18 and Horde Groupware Webmail Edition prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compo...
Horde Imp 2.2.7
Horde Dynamic Imp 1.1
Horde Imp 2.2.5
Horde Imp 4.0
Horde Dynamic Imp 1.1.6
Horde Imp 4.1.3
Horde Dynamic Imp 1.1.1
Horde Dynamic Imp 5.0.4
Horde Imp 4.1.6
Horde Imp 5.0.3
Horde Imp 3.1
Horde Imp 5.0.2
Horde Dynamic Imp 5.0.13
Horde Imp 4.3.6
Horde Dynamic Imp 1.0
Horde Dynamic Imp 5.0.5
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 5.0
Horde Imp 4.3.3
Horde Imp 4.2
Horde Dynamic Imp
4.3
CVSSv2
CVE-2010-3693
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) prior to 1.1.5, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via vectors related to displaying mailbox names.
Horde Groupware 1.0.7
Horde Groupware 1.1.4
Horde Groupware 1.1.3
Horde Groupware 1.2
Horde Groupware 1.0
Horde Groupware
Horde Groupware 1.1.6
Horde Groupware 1.1
Horde Groupware 1.0.1
Horde Groupware 1.0.6
Horde Groupware 1.2.2
Horde Groupware 1.2.5
Horde Groupware 1.0.4
Horde Groupware 1.2.3
Horde Groupware 1.1.5
Horde Groupware 1.0.5
Horde Groupware 1.1.2
Horde Groupware 1.0.2
Horde Groupware 1.0.3
Horde Groupware 1.2.4
Horde Groupware 1.0.8
Horde Groupware 1.1.1
5
CVSSv2
CVE-2000-0911
IMP 2.2 and previous versions allows malicious users to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.
Horde Imp 2.0
Horde Imp 2.2
4.3
CVSSv2
CVE-2009-0930
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 4.2.2 and 4.3.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
Debian Horde Imp
Debian Horde Imp 4.0
7.5
CVSSv2
CVE-2002-0181
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote malicious users to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Horde Horde 1.2.7
Horde Imp 2.2.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »