Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0181
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote malicious users to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
Horde Horde 1.2.7
Horde Imp 2.2.8
4.3
CVSSv2
CVE-2005-1313
Cross-site scripting (XSS) vulnerability in Horde Passwd module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Passwd 2.0
Horde Passwd 2.1
Horde Passwd 2.2
Horde Passwd 2.2.1
4.3
CVSSv2
CVE-2005-1320
Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager prior to 1.1.4 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Mnemo 1.1
Horde Mnemo 1.1.1
Horde Mnemo 1.1.2
Horde Mnemo 1.1.3
4.3
CVSSv2
CVE-2005-1321
Cross-site scripting (XSS) vulnerability in Horde Vacation module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Vaction 2.2.1
Horde Vaction 1.0a
Horde Vaction 2.2
Horde Vaction 2.1
4.3
CVSSv2
CVE-2005-4242
Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the address book and (2) contact data.
Horde Turba H3 2.0.1
Horde Turba H3 2.0.2
Horde Turba H3 2.0
Horde Turba H3 2.0.3
Horde Turba H3
5
CVSSv2
CVE-2010-1638
The IMP plugin in Horde allows remote malicious users to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations ...
Horde Horde
6.4
CVSSv2
CVE-2003-0728
Horde prior to 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL.
Horde Horde
6.8
CVSSv2
CVE-2005-1317
Cross-site scripting (XSS) vulnerability in Horde Chora module prior to 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Chora 1.2
Horde Chora 1.2.2
Horde Chora
4.3
CVSSv2
CVE-2008-2783
Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith allow remote malicious users to inject arbitrary web script or HTML via the timestamp parameter to (1) week.php, (2) workweek.php, and (3) day.php; and (4) the horde p...
Horde Groupware
Horde Groupware Webmail Edition
Horde Kronolith
3 EDB exploits
9
CVSSv2
CVE-2008-3650
Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.
Horde Groupware Webmail Edition 1.0
Horde Groupware Webmail Edition 1.0.1
Horde Groupware Webmail Edition 1.0.4
Horde Groupware Webmail Edition 1.0.5
Horde Groupware Webmail Edition 1.0.6
Horde Groupware Webmail Edition 1.0.7
Horde Groupware Webmail Edition 1.1
Horde Groupware Webmail Edition 1.0.2
Horde Groupware Webmail Edition 1.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »