Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde groupware vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-5303
Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition prior to 5.2.16 allows remote malicious users to inject arbitrary web script or HTML via crafted data:text/html content in a form (1) action or (2) xlink a...
Horde Groupware 5.2.15
5.4
CVSSv3
CVE-2017-16908
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.
Horde Groupware 5.2.19
NA
CVE-2007-1679
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php and (2) ingo/rule.php. NOTE: this issue has been disputed by the vendor, noting...
Horde Groupware 1.0
8
CVSSv3
CVE-2022-30287
Horde Groupware Webmail Edition up to and including 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.
Horde Groupware
Debian Debian Linux 10.0
5.7
CVSSv3
CVE-2017-9773
Denial of Service was found in Horde_Image 2.x prior to 2.5.0 via a crafted URL to the "Null" image driver.
Horde Horde Image 2.0.0
Horde Horde Image 2.0.6
Horde Horde Image 2.0.2
Horde Horde Image 2.0.1
Horde Horde Image 2.1.0
Horde Horde Image 2.1.1
Horde Horde Image 2.3.7
Horde Horde Image 2.3.5
Horde Horde Image 2.0.4
Horde Horde Image 2.0.5
Horde Horde Image 2.0.9
Horde Horde Image 2.3.0
Horde Horde Image 2.4.2
Horde Horde Image 2.3.6
Horde Horde Image 2.1.10
Horde Horde Image 2.2.0
Horde Horde Image 2.2.1
Horde Horde Image 2.3.3
Horde Horde Image 2.3.4
Horde Horde Image 2.4.0
Horde Horde Image 2.0.3
Horde Horde Image 2.1.8
6.3
CVSSv3
CVE-2020-8865
This vulnerability allows remote malicious users to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] p...
Horde Groupware 5.2.22
Debian Debian Linux 8.0
2 EDB exploits
8.8
CVSSv3
CVE-2017-9774
Remote Code Execution was found in Horde_Image 2.x prior to 2.5.0 via a crafted GET request. Exploitation requires authentication.
Horde Horde Image Api 2.0.0
Horde Horde Image Api 2.0.7
Horde Horde Image Api 2.0.8
Horde Horde Image Api 2.3.3
Horde Horde Image Api 2.3.4
Horde Horde Image Api 2.0.3
Horde Horde Image Api 2.0.4
Horde Horde Image Api 2.2.0
Horde Horde Image Api 2.3.0
Horde Horde Image Api 2.4.1
Horde Horde Image Api 2.0.1
Horde Horde Image Api 2.0.2
Horde Horde Image Api 2.0.9
Horde Horde Image Api 2.1.0
Horde Horde Image Api 2.3.5
Horde Horde Image Api 2.3.6
Horde Horde Image Api 2.4.0
Horde Horde Image Api 2.0.5
Horde Horde Image Api 2.0.6
Horde Horde Image Api 2.3.1
Horde Horde Image Api 2.3.2
8.1
CVSSv3
CVE-2017-14650
A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability ...
Horde Horde Image Api 2.0.0
Horde Horde Image Api 2.0.1
Horde Horde Image Api 2.0.9
Horde Horde Image Api 2.1.0
Horde Horde Image Api 2.3.5
Horde Horde Image Api 2.3.6
Horde Horde Image Api 2.5.1
Horde Horde Image Api 2.0.4
Horde Horde Image Api 2.0.5
Horde Horde Image Api 2.3.1
Horde Horde Image Api 2.3.2
Horde Horde Image Api 2.5.0
Horde Horde Image Api 2.0.2
Horde Horde Image Api 2.0.3
Horde Horde Image Api 2.2.0
Horde Horde Image Api 2.3.0
Horde Horde Image Api 2.4.0
Horde Horde Image Api 2.4.1
Horde Horde Image Api 2.0.6
Horde Horde Image Api 2.0.7
Horde Horde Image Api 2.0.8
Horde Horde Image Api 2.3.3
6.1
CVSSv3
CVE-2015-8807
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware prior to 5.2.12 and Horde Groupware Webmail Edition prior to 5.2.12 allows remote malicious users to inject arbitrary ...
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Horde Groupware 5.2.11
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2020-8518
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
Horde Groupware 5.2.22
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »