Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde imp - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0025
Multiple SQL injection vulnerabilities in IMP 2.2.8 and previous versions allow remote malicious users to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.6
NA
CVE-2005-1319
Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client prior to 3.2.8 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Imp 3.2.3
Horde Imp 3.2.4
Horde Imp 3.2.5
Horde Imp 3.2.6
Horde Imp 3.2.7
Horde Imp
Horde Imp 3.2.7 Rc1
NA
CVE-2001-1257
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) prior to 2.2.6 and 1.2.6 allows remote malicious users to execute arbitrary Javascript embedded in an email.
Horde Imp 2.0
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2
Horde Imp 2.2.1
NA
CVE-2001-1258
Horde Internet Messaging Program (IMP) prior to 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.5
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.1
Horde Imp 2.2.2
NA
CVE-2001-0744
Horde IMP 2.2.4 and previous versions allows local users to overwrite files via a symlink attack on a temporary file.
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp
Horde Imp 2.2
Horde Imp 2.0
Horde Imp 2.2.1
NA
CVE-2012-0791
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 5.0.18 and Horde Groupware Webmail Edition prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compo...
Horde Imp 2.2.7
Horde Dynamic Imp 1.1
Horde Imp 2.2.5
Horde Imp 4.0
Horde Dynamic Imp 1.1.6
Horde Imp 4.1.3
Horde Dynamic Imp 1.1.1
Horde Dynamic Imp 5.0.4
Horde Imp 4.1.6
Horde Imp 5.0.3
Horde Imp 3.1
Horde Imp 5.0.2
Horde Dynamic Imp 5.0.13
Horde Imp 4.3.6
Horde Dynamic Imp 1.0
Horde Dynamic Imp 5.0.5
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 5.0
Horde Imp 4.3.3
Horde Imp 4.2
Horde Dynamic Imp
NA
CVE-2010-3693
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) prior to 1.1.5, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via vectors related to displaying mailbox names.
Horde Groupware 1.0.7
Horde Groupware 1.1.4
Horde Groupware 1.1.3
Horde Groupware 1.2
Horde Groupware 1.0
Horde Groupware
Horde Groupware 1.1.6
Horde Groupware 1.1
Horde Groupware 1.0.1
Horde Groupware 1.0.6
Horde Groupware 1.2.2
Horde Groupware 1.2.5
Horde Groupware 1.0.4
Horde Groupware 1.2.3
Horde Groupware 1.1.5
Horde Groupware 1.0.5
Horde Groupware 1.1.2
Horde Groupware 1.0.2
Horde Groupware 1.0.3
Horde Groupware 1.2.4
Horde Groupware 1.0.8
Horde Groupware 1.1.1
NA
CVE-2000-0911
IMP 2.2 and previous versions allows malicious users to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.
Horde Imp 2.0
Horde Imp 2.2
NA
CVE-2009-0930
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 4.2.2 and 4.3.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
Debian Horde Imp
Debian Horde Imp 4.0
NA
CVE-2002-0181
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote malicious users to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Horde Horde 1.2.7
Horde Imp 2.2.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »