Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2013-6364

Published: 05/11/2019 Updated: 18/08/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Groupware

Vulnerability Summary

Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

horde groupware 5.1.2

debian debian linux 8.0

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Debian CVElist Bug Report Logs: php-horde: CVE-2013-6364 CVE-2013-6365
Debian Bug report logs - #730110 php-horde: CVE-2013-6364 CVE-2013-6365 Package: php-horde; Maintainer for php-horde is Horde Maintainers <team+debian-horde-team@trackerdebianorg>; Source for php-horde is src:php-horde (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Thu, 21 Nov 2013 14: ...
Debian CVElist Bug Report Logs: php-horde: CVE-2013-6364 CVE-2013-6365
Debian Bug report logs - #730979 php-horde: CVE-2013-6364 CVE-2013-6365 Package: php-horde-turba; Maintainer for php-horde-turba is Horde Maintainers <team+debian-horde-team@trackerdebianorg>; Source for php-horde-turba is src:php-horde-turba (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Da ...

Exploits

Exploit DB: Horde Groupware Web Mail Edition 5.1.2 - Cross-Site Request Forgery (2)
############################# Exploit Title : CSRF Horde Groupware Web mail Edition Author:Marcela Benetrix Date: 10/28/13 version: 512 software link:wwwhordeorg/apps/webmail ############################# GroupWare Web mail Edition Horde Groupware Webmail Edition is a free, enterprise ready, browser based communication suite Users can ...
Exploit DB: Horde 5.1.2 Cross Site Request Forgery / Cross Site Scripting
Horde version 512 suffers from cross site request forgery and cross site scripting vulnerabilities ...

References

CWE-352CWE-79http://www.exploit-db.com/exploits/29519https://www.securityfocus.com/archive/1/529589https://security-tracker.debian.org/tracker/CVE-2013-6364http://archives.neohapsis.com/archives/bugtraq/2013-11/0012.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6364https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6364https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730110https://www.exploit-db.com/exploits/29519/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook