The framework/Util/lib/Horde/Variables.php script in the Util library in Horde prior to 5.1.1 allows remote malicious users to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
horde horde application framework 5.0.4 |
||
horde horde application framework 5.0.2 |
||
horde horde application framework 5.0.1 |
||
horde horde application framework 5.0.0 |
||
horde horde application framework |
||
horde horde application framework 5.0.3 |