Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde application framework vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-2195
Cross-site scripting (XSS) vulnerability in horde 3 (horde3) prior to 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.
Horde Horde 3.0.6
Horde Horde 3.0
Horde Horde 3.0.3
Horde Horde
Horde Horde 3.0.4
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.8
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.7
4.3
CVSSv2
CVE-2006-3548
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 up to and including 3.0.10 and 3.1.0 up to and including 3.1.1 allow remote malicious users to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https,...
Horde Horde 3.0.6
Horde Horde 3.0
Horde Horde 3.0.3
Horde Horde 3.1.1
Horde Horde 3.0.4
Horde Horde 3.1
Horde Horde 3.0.1
Horde Horde 3.0.4 Rc2
Horde Horde 3.0.8
Horde Horde 3.0.9
Horde Horde 3.0.2
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.7
6.4
CVSSv2
CVE-2009-0932
Directory traversal vulnerability in framework/Image/Image.php in Horde prior to 3.2.4 and 3.3.3 and Horde Groupware prior to 1.1.5 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
Debian Horde 3.3.2
Debian Horde 3.2
Debian Horde Groupware 1.1.3
Debian Horde 3.2.2
Debian Horde Groupware 1.1.1
Debian Horde 3.3.1
Debian Horde 3.2.3
Debian Horde 3.3
Debian Horde Groupware 1.1.2
Debian Horde Groupware 1.1.4
1 EDB exploit
2 Github repositories
6
CVSSv2
CVE-2008-1284
Directory traversal vulnerability in Horde 3.1.6, Groupware prior to 1.0.5, and Groupware Webmail Edition prior to 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte i...
Horde Horde 3.1.6
Horde Groupware
Horde Groupware Webmail Edition
6.5
CVSSv2
CVE-2019-9858
Remote code execution exists in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload...
Horde Groupware 5.2.17
Horde Groupware 5.2.22
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2008-3330
Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote malicious users to inject arbitrary web script or HTML via the contact name.
Debian Turba 2.2
Debian Horde 3.2
4.3
CVSSv2
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Horde Groupware 5.2.11
Debian Debian Linux 8.0
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3