Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde imp - vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2003-0025
Multiple SQL injection vulnerabilities in IMP 2.2.8 and previous versions allow remote malicious users to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
Horde Imp 2.2
Horde Imp 2.2.7
Horde Imp 2.2.8
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.6
383
VMScore
CVE-2005-1319
Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client prior to 3.2.8 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Imp 3.2.3
Horde Imp 3.2.4
Horde Imp 3.2.5
Horde Imp 3.2.6
Horde Imp 3.2.7
Horde Imp
Horde Imp 3.2.7 Rc1
668
VMScore
CVE-2001-1257
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) prior to 2.2.6 and 1.2.6 allows remote malicious users to execute arbitrary Javascript embedded in an email.
Horde Imp 2.0
Horde Imp 2.2.4
Horde Imp 2.2.5
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp 2.2
Horde Imp 2.2.1
320
VMScore
CVE-2001-1258
Horde Internet Messaging Program (IMP) prior to 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Horde Imp 2.0
Horde Imp 2.2
Horde Imp 2.2.5
Horde Imp 2.2.3
Horde Imp 2.2.4
Horde Imp 2.2.1
Horde Imp 2.2.2
187
VMScore
CVE-2001-0744
Horde IMP 2.2.4 and previous versions allows local users to overwrite files via a symlink attack on a temporary file.
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp
Horde Imp 2.2
Horde Imp 2.0
Horde Imp 2.2.1
383
VMScore
CVE-2012-0791
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 5.0.18 and Horde Groupware Webmail Edition prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compo...
Horde Imp 2.2.7
Horde Dynamic Imp 1.1
Horde Imp 2.2.5
Horde Imp 4.0
Horde Dynamic Imp 1.1.6
Horde Imp 4.1.3
Horde Dynamic Imp 1.1.1
Horde Dynamic Imp 5.0.4
Horde Imp 4.1.6
Horde Imp 5.0.3
Horde Imp 3.1
Horde Imp 5.0.2
Horde Dynamic Imp 5.0.13
Horde Imp 4.3.6
Horde Dynamic Imp 1.0
Horde Dynamic Imp 5.0.5
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 5.0
Horde Imp 4.3.3
Horde Imp 4.2
Horde Dynamic Imp
383
VMScore
CVE-2010-3693
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) prior to 1.1.5, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via vectors related to displaying mailbox names.
Horde Groupware 1.0.7
Horde Groupware 1.1.4
Horde Groupware 1.1.3
Horde Groupware 1.2
Horde Groupware 1.0
Horde Groupware
Horde Groupware 1.1.6
Horde Groupware 1.1
Horde Groupware 1.0.1
Horde Groupware 1.0.6
Horde Groupware 1.2.2
Horde Groupware 1.2.5
Horde Groupware 1.0.4
Horde Groupware 1.2.3
Horde Groupware 1.1.5
Horde Groupware 1.0.5
Horde Groupware 1.1.2
Horde Groupware 1.0.2
Horde Groupware 1.0.3
Horde Groupware 1.2.4
Horde Groupware 1.0.8
Horde Groupware 1.1.1
445
VMScore
CVE-2000-0911
IMP 2.2 and previous versions allows malicious users to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.
Horde Imp 2.0
Horde Imp 2.2
383
VMScore
CVE-2009-0930
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 4.2.2 and 4.3.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) smime.php, (2) pgp.php, and (3) message.php.
Debian Horde Imp
Debian Horde Imp 4.0
668
VMScore
CVE-2002-0181
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote malicious users to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Horde Horde 1.2.7
Horde Imp 2.2.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »