Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2001-0744
Horde IMP 2.2.4 and previous versions allows local users to overwrite files via a symlink attack on a temporary file.
Horde Imp 2.2.2
Horde Imp 2.2.3
Horde Imp
Horde Imp 2.2
Horde Imp 2.0
Horde Imp 2.2.1
6
CVSSv2
CVE-2008-1284
Directory traversal vulnerability in Horde 3.1.6, Groupware prior to 1.0.5, and Groupware Webmail Edition prior to 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte i...
Horde Groupware Webmail Edition
Horde Horde 3.1.6
Horde Groupware
3.5
CVSSv2
CVE-2005-4189
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 prior to 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category a...
Horde Kronolith H3 2.0.2
Horde Kronolith H3 2.0.2 Rc1
Horde Kronolith H3 2.0 Beta
Horde Kronolith H3 2.0 Rc1
Horde Kronolith H3 2.0
Horde Kronolith H3 2.0.1
Horde Kronolith H3 2.0.5
Horde Kronolith H3 2.0 Alpha
Horde Kronolith H3 2.0.3
Horde Kronolith H3 2.0.3 Rc1
Horde Kronolith H3 2.0 Rc2
Horde Kronolith H3 2.0 Rc3
Horde Kronolith H3 2.0.4
Horde Kronolith H3 2.0.4 Rc1
4.3
CVSSv2
CVE-2009-0931
Cross-site scripting (XSS) vulnerability in the tag cloud search script (horde/services/portal/cloud_search.php) in Horde prior to 3.2.4 and 3.3.3, and Horde Groupware prior to 1.1.5, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Debian Horde
Debian Horde 3.3
Debian Horde 3.2.3
Debian Horde Groupware
Debian Horde 3.2.2
5.8
CVSSv2
CVE-2007-6018
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote malicious users to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" delet...
Horde Framework 3.1.5
Horde Imp 4.1.5
Horde Groupware Webmail Edition 1.0.3
Horde Horde 3.1.5
4.3
CVSSv2
CVE-2006-4256
index.php in Horde Application Framework prior to 3.1.2 allows remote malicious users to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to thi...
Horde Application Framework 3.0
Horde Application Framework 3.0.1
Horde Application Framework 3.0.7
Horde Application Framework 3.0.8
Horde Application Framework 3.0.4 Rc2
Horde Application Framework 3.0.6
Horde Application Framework 3.0.4
Horde Application Framework 3.0.4 Rc1
Horde Application Framework 3.1.1
Horde Application Framework 3.0.2
Horde Application Framework 3.0.3
Horde Application Framework 3.0.9
Horde Application Framework 3.1
7.5
CVSSv2
CVE-2006-1491
Eval injection vulnerability in Horde Application Framework versions 3.0 prior to 3.0.10 and 3.1 prior to 3.1.1 allows remote malicious users to execute arbitrary code via the help viewer.
Horde Application Framework 3.0.4 Rc2
Horde Application Framework 3.0.6
Horde Application Framework 3.0.4
Horde Application Framework 3.0.4 Rc1
Horde Application Framework 3.0
Horde Application Framework 3.0.1
Horde Application Framework 3.0.7
Horde Application Framework 3.0.8
Horde Application Framework 3.0.2
Horde Application Framework 3.0.3
Horde Application Framework 3.0.9
Horde Application Framework 3.1
1 EDB exploit
4.3
CVSSv2
CVE-2012-0909
Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition prior to 4.0.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from thir...
Horde Groupware Webmail Edition 4.0.2
Horde Groupware Webmail Edition 4.0.1
Horde Groupware Webmail Edition 4.0
Horde Groupware Webmail Edition 1.2
Horde Groupware Webmail Edition 1.1.6
Horde Groupware Webmail Edition 1.1.5
Horde Groupware Webmail Edition 1.1.4
Horde Groupware Webmail Edition 1.0.4
Horde Groupware Webmail Edition 1.0.3
Horde Groupware Webmail Edition 1.0.2
Horde Groupware Webmail Edition 1.0.1
Horde Groupware Webmail Edition 1.2.7
Horde Groupware Webmail Edition 1.2.6
Horde Groupware Webmail Edition 1.2.5
Horde Groupware Webmail Edition 1.2.4
Horde Groupware Webmail Edition 1.2.3
Horde Groupware Webmail Edition 1.1
Horde Groupware Webmail Edition
Horde Groupware Webmail Edition 4.0.3
Horde Groupware Webmail Edition 1.2.9
Horde Groupware Webmail Edition 1.2.1
Horde Groupware Webmail Edition 1.1.2
4.3
CVSSv2
CVE-2004-2741
Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote malicious users to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.
Horde Application Framework 2.2
Horde Application Framework 2.2.1
Horde Application Framework 2.1
Horde Application Framework 2.1.3
Horde Application Framework 2.2.6
Horde Application Framework 2.2.3
Horde Application Framework 2.2.4
Horde Application Framework 2.0
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.2.5
7.5
CVSSv2
CVE-2012-0209
Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote malicious u...
Horde Groupware 1.2.10
Horde Horde 3.3.12
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »