Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0181
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote malicious users to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Horde Horde 1.2.7
Horde Imp 2.2.8
NA
CVE-2005-1313
Cross-site scripting (XSS) vulnerability in Horde Passwd module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Passwd 2.0
Horde Passwd 2.1
Horde Passwd 2.2
Horde Passwd 2.2.1
NA
CVE-2005-1320
Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager prior to 1.1.4 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Mnemo 1.1
Horde Mnemo 1.1.1
Horde Mnemo 1.1.2
Horde Mnemo 1.1.3
NA
CVE-2005-1321
Cross-site scripting (XSS) vulnerability in Horde Vacation module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Vaction 2.2.1
Horde Vaction 1.0a
Horde Vaction 2.2
Horde Vaction 2.1
NA
CVE-2005-4242
Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the address book and (2) contact data.
Horde Turba H3 2.0.1
Horde Turba H3 2.0.2
Horde Turba H3 2.0
Horde Turba H3 2.0.3
Horde Turba H3
NA
CVE-2010-1638
The IMP plugin in Horde allows remote malicious users to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations ...
Horde Horde
NA
CVE-2003-0728
Horde prior to 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL.
Horde Horde
NA
CVE-2005-1317
Cross-site scripting (XSS) vulnerability in Horde Chora module prior to 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Chora 1.2
Horde Chora 1.2.2
Horde Chora
NA
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote malicious users to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde p...
Horde Groupware
Horde Groupware Webmail Edition
Horde Kronolith
3 EDB exploits
NA
CVE-2008-3650
Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.
Horde Groupware Webmail Edition 1.0
Horde Groupware Webmail Edition 1.0.1
Horde Groupware Webmail Edition 1.0.4
Horde Groupware Webmail Edition 1.0.5
Horde Groupware Webmail Edition 1.0.6
Horde Groupware Webmail Edition 1.0.7
Horde Groupware Webmail Edition 1.1
Horde Groupware Webmail Edition 1.0.2
Horde Groupware Webmail Edition 1.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »