Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horde horde 1.2.5 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2001-1370
prepend.php3 in PHPLib prior to 7.2d, when register_globals is enabled for PHP, allows remote malicious users to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and previous versions...
Phplib Team Phplib 7.2
Phplib Team Phplib 7.2.1
Phplib Team Phplib 7.2b
Phplib Team Phplib 7.2c
1 EDB exploit
516
VMScore
CVE-2005-3759
Multiple cross-site scripting (XSS) vulnerabilities in Horde prior to 3.0.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2.1
Horde Horde 2.2.3
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.6
Horde Horde 1.2.7
Horde Horde 2.2.4
Horde Horde 2.2.4 Rc1
Horde Horde 3.0.1
505
VMScore
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2.6
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2
Horde Horde 2.2.1
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 1.2.8
Horde Horde 2.0
Horde Horde 2.2.4 Rc1
1 EDB exploit
450
VMScore
CVE-2009-3701
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework prior to 3.3.6, Horde Groupware prior to 1.2.5, and Horde Groupware Webmail Edition prior to 1.2.5 allow remote malicious users to inject arbitrary web script or HTM...
Horde Application Framework 3.3.4
Horde Application Framework 2.1
Horde Application Framework 2.1.3
Horde Application Framework 3.0.4
Horde Application Framework 3.0
Horde Application Framework 3.0.9
Horde Application Framework 3.2.1
Horde Groupware 1.2.3
Horde Groupware
Horde Groupware 1.0.1
Horde Groupware 1.2
Horde Groupware 1.1.5
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.2.5
Horde Application Framework 2.2.3
Horde Application Framework 3.0.1
Horde Application Framework 2.2.6
Horde Application Framework 2.0
Horde Application Framework 3.0.2
Horde Application Framework 3.0.3
Horde Application Framework 3.1
Horde Application Framework 3.1.1
4 EDB exploits
435
VMScore
CVE-2010-3695
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related t...
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 4.1.5
Horde Imp 4.0.3
Horde Imp 2.2.5
Horde Imp 4.3.5
Horde Imp 4.2.2
Horde Imp 4.3
Horde Imp 4.3.2
Horde Imp 3.2.7
Horde Imp 3.2
Horde Imp 3.1.2
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.0
Horde Imp 4.3.3
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 2.2.8
Horde Imp 3.1
Horde Imp 4.0.2
1 EDB exploit
435
VMScore
CVE-2007-1473
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework prior to 3.1.4 RC1, when the login page contains a language selection box, allows remote malicious users to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Horde Horde Application Framework 1.2.5
Horde Horde Application Framework 1.2.6
Horde Horde Application Framework 1.2.7
Horde Horde Application Framework 2.2.1
Horde Horde Application Framework 2.2.3
Horde Horde Application Framework 3.0.0
Horde Horde Application Framework 3.0.1
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 1.2.0
Horde Horde Application Framework 1.2.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.10
Horde Horde Application Framework 3.0.2
Horde Horde Application Framework 3.1.0
Horde Horde Application Framework 3.1.1
Horde Horde Application Framework 1.2.3
Horde Horde Application Framework 1.2.4
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2
1 EDB exploit
383
VMScore
CVE-2012-0909
Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition prior to 4.0.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from thir...
Horde Groupware Webmail Edition 4.0.2
Horde Groupware Webmail Edition 4.0.1
Horde Groupware Webmail Edition 4.0
Horde Groupware Webmail Edition 1.2
Horde Groupware Webmail Edition 1.1.6
Horde Groupware Webmail Edition 1.1.5
Horde Groupware Webmail Edition 1.1.4
Horde Groupware Webmail Edition 1.0.4
Horde Groupware Webmail Edition 1.0.3
Horde Groupware Webmail Edition 1.0.2
Horde Groupware Webmail Edition 1.0.1
Horde Groupware Webmail Edition 1.2.7
Horde Groupware Webmail Edition 1.2.6
Horde Groupware Webmail Edition 1.2.5
Horde Groupware Webmail Edition 1.2.4
Horde Groupware Webmail Edition 1.2.3
Horde Groupware Webmail Edition 1.1
Horde Groupware Webmail Edition
Horde Groupware Webmail Edition 4.0.3
Horde Groupware Webmail Edition 1.2.9
Horde Groupware Webmail Edition 1.2.1
Horde Groupware Webmail Edition 1.1.2
383
VMScore
CVE-2012-0791
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP prior to 5.0.18 and Horde Groupware Webmail Edition prior to 4.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compo...
Horde Imp 2.2.7
Horde Dynamic Imp 1.1
Horde Imp 2.2.5
Horde Imp 4.0
Horde Dynamic Imp 1.1.6
Horde Imp 4.1.3
Horde Dynamic Imp 1.1.1
Horde Dynamic Imp 5.0.4
Horde Imp 4.1.6
Horde Imp 5.0.3
Horde Imp 3.1
Horde Imp 5.0.2
Horde Dynamic Imp 5.0.13
Horde Imp 4.3.6
Horde Dynamic Imp 1.0
Horde Dynamic Imp 5.0.5
Horde Imp 3.2.4
Horde Imp 3.1.2
Horde Imp 5.0
Horde Imp 4.3.3
Horde Imp 4.2
Horde Dynamic Imp
383
VMScore
CVE-2010-3693
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) prior to 1.1.5, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via vectors related to displaying mailbox names.
Horde Groupware 1.0.7
Horde Groupware 1.1.4
Horde Groupware 1.1.3
Horde Groupware 1.2
Horde Groupware 1.0
Horde Groupware
Horde Groupware 1.1.6
Horde Groupware 1.1
Horde Groupware 1.0.1
Horde Groupware 1.0.6
Horde Groupware 1.2.2
Horde Groupware 1.2.5
Horde Groupware 1.0.4
Horde Groupware 1.2.3
Horde Groupware 1.1.5
Horde Groupware 1.0.5
Horde Groupware 1.1.2
Horde Groupware 1.0.2
Horde Groupware 1.0.3
Horde Groupware 1.2.4
Horde Groupware 1.0.8
Horde Groupware 1.1.1
383
VMScore
CVE-2010-4778
Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allow remote malicious users to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka ...
Horde Imp 4.0.3
Horde Imp 4.1.6
Horde Imp 2.2.5
Horde Imp 2.2.6
Horde Imp 4.2.2
Horde Imp 4.2
Horde Imp 3.2.7
Horde Imp 4.0
Horde Imp 3.2
Horde Imp 3.2.2
Horde Imp 2.2
Horde Imp 2.2.1
Horde Imp 2.2.2
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 3.2.6
Horde Imp 3.2.5
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.4
Horde Imp 4.3.6
Horde Imp 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »