Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 2.1 vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2009-2360
Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module prior to 3.1.1 for Horde allows remote malicious users to inject arbitrary web script or HTML via the backend parameter.
Horde Passwd
Horde Passwd 2.2.1
Horde Passwd 2.2.2
Horde Passwd 2.2
Horde Passwd 2.1
Horde Passwd 2.0
1 EDB exploit
890
VMScore
CVE-2008-7218
Unspecified vulnerability in the Horde API in Horde 3.1 prior to 3.1.6 and 3.2 prior to 3.2 prior to 3.2-RC2; Turba H3 2.1 prior to 2.1.6 and 2.2 prior to 2.2-RC2; Kronolith H3 2.1 prior to 2.1.7 and H3 2.2 prior to 2.2-RC2; Nag H3 2.1 prior to 2.1.4 and 2.2 prior to 2.2-RC2; Mne...
Horde Kronolith H3 2.1.1
Horde Kronolith H3 2.1
Horde Kronolith H3 2.1.2
Horde Turba H3 2.1.1
Horde Turba H3 2.1
Horde Nag H3 2.1.2
Horde Nag H3 2.1.3
Horde Groupware 1.1
Horde Horde 3.1.1
Horde Horde 3.1.2
Horde Kronolith H3 2.1.5
Horde Kronolith H3 2.1.6
Horde Turba H3 2.1.4
Horde Turba H3 2.2
Horde Mnemo H3 2.1.1
Horde Mnemo H3 2.2
Horde Groupware Webmail Edition 1.1
Horde Horde 3.1.5
Horde Groupware Webmail Edition 1.0
Horde Horde 3.1
Horde Kronolith H3 2.1.3
Horde Kronolith H3 2.1.4
383
VMScore
CVE-2005-1313
Cross-site scripting (XSS) vulnerability in Horde Passwd module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Passwd 2.0
Horde Passwd 2.1
Horde Passwd 2.2
Horde Passwd 2.2.1
383
VMScore
CVE-2005-1321
Cross-site scripting (XSS) vulnerability in Horde Vacation module prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Vaction 2.2.1
Horde Vaction 1.0a
Horde Vaction 2.2
Horde Vaction 2.1
516
VMScore
CVE-2005-3759
Multiple cross-site scripting (XSS) vulnerabilities in Horde prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2.1
Horde Horde 2.2.3
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.6
Horde Horde 1.2.7
Horde Horde 2.2.4
Horde Horde 2.2.4 Rc1
Horde Horde 3.0.1
383
VMScore
CVE-2005-1318
Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Forwards 2.2
Horde Forwards 2.1
Horde Forwards 2.2.1
668
VMScore
CVE-2006-6175
Directory traversal vulnerability in lib/FBView.php in Horde Kronolith H3 prior to 2.0.7 and 2.1.x prior to 2.1.4 allows remote malicious users to include arbitrary files and execute PHP code via a .. (dot dot) sequence in the view parameter.
Horde Kronolith 2.0.4
Horde Kronolith 2.0.5
Horde Kronolith 2.0.2
Horde Kronolith 2.0.3
Horde Kronolith 2.1.3
Horde Kronolith 2.0.6
Horde Kronolith 2.1
Horde Kronolith 2.0.1
Horde Kronolith 2.1.1
Horde Kronolith 2.1.2
890
VMScore
CVE-2008-7219
Horde Kronolith H3 2.1 prior to 2.1.7 and 2.2 prior to 2.2-RC2; Nag H3 2.1 prior to 2.1.4 and 2.2 prior to 2.2-RC2; Mnemo H3 2.1 prior to 2.1.2 and H3 2.2 prior to 2.2-RC2; Groupware 1.0 prior to 1.0.3 and 1.1 prior to 1.1-RC2; and Groupware Webmail Edition 1.0 prior to 1.0.4 and...
Horde Kronolith H3 2.1.3
Horde Kronolith H3 2.1.6
Horde Nag H3 2.1
Horde Groupware 1.0
Horde Groupware 1.0.2
Horde Nag H3 2.1.2
Horde Nag H3 2.1.3
Horde Nag H3 2.2
Horde Mnemo H3 2.1
Horde Kronolith H3 2.1.4
Horde Kronolith H3 2.1
Horde Kronolith H3 2.1.2
Horde Kronolith H3 2.1.5
Horde Groupware 1.1
Horde Mnemo H3 2.1.1
Horde Groupware Webmail Edition 1.1
Horde Groupware Webmail Edition 1.0
Horde Groupware Webmail Edition 1.0.2
Horde Kronolith H3 2.1.1
Horde Kronolith H3 2.2
Horde Nag H3 2.1.1
Horde Mnemo H3 2.2
505
VMScore
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2.6
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2
Horde Horde 2.2.1
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 1.2.8
Horde Horde 2.0
Horde Horde 2.2.4 Rc1
1 EDB exploit
383
VMScore
CVE-2005-1316
Cross-site scripting (XSS) vulnerability in Horde Accounts module prior to 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via the parent's frame page title.
Horde Accounts 2.1.1
Horde Accounts 2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »