MidnightBSD

Advisories for horde

CVE-2000-0910 MEDIUM

Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde 1.2
CVE-2000-0911 MEDIUM

IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2
horde imp 2.0
CVE-2001-0744 LOW

Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2.2
horde imp 2.2
horde imp 2.0
horde imp 2.2.1
horde imp 2.2.3
horde imp *
CVE-2001-1257 HIGH

Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2.2
horde imp 2.2.5
horde imp 2.2
horde imp 2.0
horde imp 2.2.1
horde imp 2.2.3
horde imp 2.2.4
CVE-2001-1258 LOW

Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2.2
horde imp 2.2.5
horde imp 2.2
horde imp 2.0
horde imp 2.2.1
horde imp 2.2.3
horde imp 2.2.4
CVE-2002-0181 HIGH

Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2.8
horde horde 1.2.7
CVE-2002-2024 MEDIUM

Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,CWE-219,

Products Affected

Vendor Product Version
horde imp 2.2.7
CVE-2003-0025 HIGH

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2.8
horde imp 2.2.2
horde imp 2.2.5
horde imp 2.2.6
horde imp 2.2
horde imp 2.2.1
horde imp 2.2.3
horde imp 2.2.7
horde imp 2.2.4
CVE-2003-0728 MEDIUM

Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde *
CVE-2004-0584 MEDIUM

Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 2.2.2
horde imp 2.2.5
horde imp 3.0
horde imp 3.2.3
horde imp 3.2
horde imp 2.3
horde imp 2.0
horde imp 3.1.2
horde imp 3.2.2
horde imp 3.1
horde imp 2.2.8
horde imp 2.2.6
horde imp 2.2
horde imp 2.2.1
horde imp 2.2.3
horde imp 2.2.7
horde imp 3.2.1
horde imp 2.2.4
CVE-2004-1443 MEDIUM

Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an e-mail message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 3.2.4
horde imp 2.2.2
horde imp 2.2.5
horde imp 3.0
horde imp 3.2.3
horde imp 3.2
horde imp 2.3
horde imp 2.0
horde imp 3.1.2
horde imp 3.2.2
horde imp 3.1
horde imp 2.2.8
horde imp 2.2.6
horde imp 2.2
horde imp 2.2.1
horde imp 2.2.3
horde imp 2.2.7
horde imp 3.2.1
horde imp 2.2.4
CVE-2004-2741 MEDIUM

Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde application_framework 2.1.3
horde application_framework 2.2.3
horde application_framework 2.2.5
horde application_framework 2.2.4_rc1
horde application_framework 2.1
horde application_framework 2.2.1
horde application_framework 2.0
horde application_framework 2.2
horde application_framework 2.2.4
horde application_framework 2.2.6
CVE-2005-0378 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde 3.0
CVE-2005-0961 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde application_framework 3.0.4_rc1
CVE-2005-1313 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Passwd module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde passwd 2.2.1
horde passwd 2.0
horde passwd 2.1
horde passwd 2.2
CVE-2005-1314 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Kronolith module before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde kronolith 1.1.3
CVE-2005-1315 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Turba module before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde turba 1.2
horde turba 1.2.1_rc1
horde turba 1.2.3
horde turba 1.2.3_rc1
horde turba 1.2.2
horde turba 1.2.1
horde turba 1.2.4
CVE-2005-1316 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Accounts module before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde accounts 2.1.1
horde accounts 2.1
CVE-2005-1317 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde chora 1.2.2
horde chora 1.2
horde chora *
CVE-2005-1318 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde forwards 2.2
horde forwards 2.1
horde forwards 2.2.1
CVE-2005-1319 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 3.2.4
horde imp 3.2.5
horde imp 3.2.7
horde imp 3.2.3
horde imp 3.2.7_rc1
horde imp 3.2.6
horde imp *
CVE-2005-1320 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde mnemo 1.1.3
horde mnemo 1.1.2
horde mnemo 1.1
horde mnemo 1.1.1
CVE-2005-1321 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde vaction 1.0a
horde vaction 2.2.1
horde vaction 2.1
horde vaction 2.2
CVE-2005-1322 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde nag 1.1.2
horde nag 1.1.1
CVE-2005-3344 HIGH

The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde 3.0.4
CVE-2005-3570 MEDIUM

Unspecified cross-site scripting (XSS) vulnerability in Horde before 2.2.9 allows remote attackers to inject arbitrary web script or HTML via "not properly escaped error messages".

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde horde 2.2.3
horde horde 2.2.4_rc1
horde horde 2.2.8
horde horde 2.2.5
horde horde 2.2
horde horde 2.2.1
horde horde 2.2.4
horde horde 2.2.7
horde horde 2.2.6
CVE-2005-3759 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde horde 1.2.5
horde horde 3.0.1
horde horde 3.0.2
horde horde 3.0.7
horde horde 2.1
horde horde 1.2.7
horde horde 3.0.4_rc2
horde horde 2.2.9
horde horde 3.0.4_rc1
horde horde 1.2.4
horde horde 3.0.3
horde horde 2.2.4
horde horde 2.1.3
horde horde 1.2.8
horde horde 2.2.4_rc1
horde horde 1.2.2
horde horde 1.2.6
horde horde 1.2.1
horde horde 3.0
horde horde 2.2.8
horde horde 2.2.5
horde horde 2.0
horde horde 2.2.7
horde horde 3.0.4
horde horde 2.2.3
horde horde 2.2
horde horde 2.2.1
horde horde 3.0.6
horde horde 1.2.3
horde horde 1.2
horde horde 2.2.6
CVE-2005-4080 MEDIUM

Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde imp 3.2.5
horde imp 2.2.2
horde imp 3.0
horde imp 3.2
horde imp 4.0.2
horde imp 2.3
horde imp 2.0
horde imp 3.2.2
horde imp 4.0
horde imp 2.2.8
horde imp 4.0.1
horde imp 2.2.3
horde imp 2.2.7
horde imp 2.2.4
horde imp 3.2.4
horde imp 2.2.5
horde imp 3.2.3
horde imp 4.0.4
horde imp 3.1.2
horde imp 3.1
horde imp 4.0.3
horde imp 2.2.6
horde imp 2.2
horde imp 2.2.1
horde imp 3.2.1
CVE-2005-4189 LOW

Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde kronolith_h3 2.0.4
horde kronolith_h3 2.0_rc1
horde kronolith_h3 2.0.4_rc1
horde kronolith_h3 2.0.3_rc1
horde kronolith_h3 2.0
horde kronolith_h3 2.0.2
horde kronolith_h3 2.0.3
horde kronolith_h3 2.0.5
horde kronolith_h3 2.0_beta
horde kronolith_h3 2.0_rc2
horde kronolith_h3 2.0_alpha
horde kronolith_h3 2.0.2_rc1
horde kronolith_h3 2.0.1
horde kronolith_h3 2.0_rc3
CVE-2005-4190 LOW

Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework before 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and (3) Label search fields, (4) the Mobile Phone field, and (5) Date and (6) Time fields when importing CSV files, as exploited through modules such as (a) Turba Address Book, (b) Kronolith, (c) Mnemo, and (d) Nag.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde horde_application_framework 2.1
horde horde_application_framework 3.0.1
horde horde_application_framework 1.0.4
horde horde_application_framework 3.0.7
horde horde_application_framework 2.2.4
horde horde_application_framework 1.0.9
horde horde_application_framework 1.2.1
horde horde_application_framework 1.2.6
horde horde_application_framework 2.2.7
horde horde_application_framework 1.0.6
horde horde_application_framework 3.0.4
horde horde_application_framework 2.0
horde horde_application_framework 1.0.3_3
horde horde_application_framework 1.2.8
horde horde_application_framework 2.2.5
horde horde_application_framework 2.2.6
horde horde_application_framework 1.0.2_1
horde horde_application_framework 1.0.8
horde horde_application_framework 2.2.8
horde horde_application_framework 2.2.9
horde horde_application_framework 3.0.3
horde horde_application_framework 1.2.5
horde horde_application_framework 1.0.11
horde horde_application_framework 2.2.3
horde horde_application_framework 1.2.2
horde horde_application_framework 3.0.2
horde horde_application_framework 3.0.6
horde horde_application_framework 1.3.4
horde horde_application_framework 1.0.3_4
horde horde_application_framework 1.0.10
horde horde_application_framework 2.2
horde horde_application_framework 3.0.5
horde horde_application_framework 1.0.5
horde horde_application_framework 1.0.0
horde horde_application_framework 1.0.3
horde horde_application_framework 1.2.7
horde horde_application_framework 1.2.3
horde horde_application_framework 1.0.3_2
horde horde_application_framework 1.2.4
horde horde_application_framework 2.2.1
horde horde_application_framework 1.2.0
horde horde_application_framework 1.0.2
horde horde_application_framework 1.3.3
CVE-2005-4191 LOW

Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before 2.0.4 allow remote authenticated users to inject arbitrary web script or HTML via (1) the tasklist's name or (2) description, when creating a new tasklist.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde nag_task_list_manager_h3 1.1.1
horde nag_task_list_manager_h3 2.0
horde nag_task_list_manager_h3 2.0.3
horde nag_task_list_manager_h3 2.0.1
horde nag_task_list_manager_h3 1.1.3
horde nag_task_list_manager_h3 1.1.2
horde nag_task_list_manager_h3 2.0.2
horde nag_task_list_manager_h3 1.1
CVE-2005-4242 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde turba_h3 2.0.1
horde turba_h3 2.0.3
horde turba_h3 2.0
horde turba_h3 *
horde turba_h3 2.0.2
CVE-2006-1260 MEDIUM

Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde 1.2.5
horde horde 3.0.1
horde horde 3.0.2
horde horde 3.0.7
horde horde 2.1
horde horde 1.2.7
horde horde 3.0.4_rc2
horde horde 2.2.9
horde horde 3.0.4_rc1
horde horde 1.2.4
horde horde 3.0.3
horde horde 2.2.4
horde horde 2.1.3
horde horde 3.0.9
horde horde 1.2.8
horde horde 2.2.4_rc1
horde horde 1.2.2
horde horde 1.2.6
horde horde 1.2.1
horde horde 3.0
horde horde 2.2.8
horde horde 3.0.8
horde horde 2.2.5
horde horde 2.0
horde horde 2.2.7
horde horde 3.0.4
horde horde 2.2.3
horde horde 2.2
horde horde 2.2.1
horde horde 3.0.6
horde horde 1.2.3
horde horde 1.2
horde horde 2.2.6
CVE-2006-1491 HIGH

Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
horde application_framework 3.0.2
horde application_framework 3.0.8
horde application_framework 3.0.6
horde application_framework 3.0.1
horde application_framework 3.0.4_rc2
horde application_framework 3.0
horde application_framework 3.0.4_rc1
horde application_framework 3.0.4
horde application_framework 3.0.7
horde application_framework 3.0.9
horde application_framework 3.1
horde application_framework 3.0.3
CVE-2006-2195 MEDIUM

Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde 3.0.4
horde horde 3.0.1
horde horde 3.0.2
horde horde 3.0.4_rc1
horde horde 3.0.7
horde horde 3.0
horde horde 3.0.3
horde horde 3.0.8
horde horde *
horde horde 3.0.6
horde horde 3.0.4_rc2
CVE-2006-3548 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde 3.0.1
horde horde 3.0.2
horde horde 3.0.7
horde horde 3.0
horde horde 3.0.8
horde horde 3.0.4_rc2
horde horde 3.0.4
horde horde 3.1.1
horde horde 3.0.4_rc1
horde horde 3.0.3
horde horde 3.0.6
horde horde 3.0.9
horde horde 3.1
CVE-2006-3549 MEDIUM

services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
horde horde_application_framework 3.0.1
horde horde_application_framework 3.0.0
horde horde_application_framework 3.1.1
horde horde_application_framework 3.0.3
horde horde_application_framework 3.0.7
horde horde_application_framework 3.0.2
horde horde_application_framework 3.0.6
horde horde_application_framework 3.0.8
horde horde_application_framework 3.0.5
horde horde_application_framework 3.0.4
horde horde_application_framework 3.1.0
horde horde_application_framework 3.0.10
horde horde_application_framework 3.0.9
CVE-2007-1679 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php and (2) ingo/rule.php. NOTE: this issue has been disputed by the vendor, noting that the search.php issue was resolved in CVE-2006-4255, and attackers can only use rule.php to inject XSS into their own pages

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,CWE-79,

Products Affected

Vendor Product Version
horde groupware 1.0
CVE-2010-0463 MEDIUM

Horde IMP 4.3.6 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-mail messages, which makes it easier for remote attackers to determine the network location of the webmail user by logging DNS requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
horde imp 4.1.3
horde imp 3.2.5
horde imp 4.2.1
horde imp 2.2.2
horde imp 3.0
horde imp 3.2
horde imp 4.0.2
horde imp 4.3.3
horde imp 2.3
horde imp 2.0
horde imp 3.2.2
horde imp 4.0
horde imp 4.3
horde imp 2.2.8
horde imp 4.0.1
horde imp 3.2.7
horde imp 4.3.2
horde imp 4.2
horde imp 2.2.3
horde imp 2.2.7
horde imp 4.3.4
horde imp 2.2.4
horde imp 3.2.4
horde imp 2.2.5
horde imp 3.2.3
horde imp 4.3.1
horde imp 4.0.4
horde imp 3.1.2
horde imp 3.2.6
horde imp 3.1
horde imp 4.0.3
horde imp 4.1.6
horde imp 4.2.2
horde imp 2.2.6
horde imp 2.2
horde imp 4.1.5
horde imp 4.3.5
horde imp 2.2.1
horde imp 3.2.1
horde imp *
CVE-2010-1638 MEDIUM

The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan internal networks via a crafted request to an unspecified test script. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
horde horde *
CVE-2010-3077 MEDIUM

Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde horde_application_framework 2.1
horde horde_application_framework 3.0.1
horde horde_application_framework *
horde horde_application_framework 3.0.7
horde horde_application_framework 3.0.11
horde horde_application_framework 3.3.6
horde horde_application_framework 3.3.1
horde horde_application_framework 1.3.2
horde horde_application_framework 3.0.10
horde horde_application_framework 3.1.4
horde horde_application_framework 3.2
horde horde_application_framework 3.0.9
horde horde_application_framework 3.3
horde horde_application_framework 3.0.12
horde horde_application_framework 3.2.1
horde horde_application_framework 2.2.9
horde horde_application_framework 3.3.5
horde horde_application_framework 2.2.3
horde horde_application_framework 1.3.1
horde horde_application_framework 3.1.9
horde horde_application_framework 3.0.2
horde horde_application_framework 2.2
horde horde_application_framework 1.0.3
horde horde_application_framework 2.2.2
horde horde_application_framework 3.0
horde horde_application_framework 3.1.7
horde horde_application_framework 3.1.2
horde horde_application_framework 2.2.1
horde horde_application_framework 3.1
horde horde_application_framework 3.2.5
horde horde_application_framework 3.3.7
horde horde_application_framework 2.2.4
horde horde_application_framework 1.3.0
horde horde_application_framework 2.2.7
horde horde_application_framework 1.1.1
horde horde_application_framework 3.1.3
horde horde_application_framework 3.0.4
horde horde_application_framework 3.1.6
horde horde_application_framework 3.2.4
horde horde_application_framework 2.0
horde horde_application_framework 2.2.5
horde horde_application_framework 2.2.6
horde horde_application_framework 3.3.3
horde horde_application_framework 3.3.2
horde horde_application_framework 3.2.2
horde horde_application_framework 3.2.3
horde horde_application_framework 3.3.4
horde horde_application_framework 3.1.1
horde horde_application_framework 2.2.8
horde horde_application_framework 3.0.3
horde horde_application_framework 1.3.5
horde horde_application_framework 3.0.6
horde horde_application_framework 1.3.4
horde horde_application_framework 3.0.8
horde horde_application_framework 3.0.5
horde horde_application_framework 3.1.8
horde horde_application_framework 3.1.5
horde horde_application_framework 1.3.3
CVE-2010-3447 MEDIUM

Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a view_file action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde gollem 1.0
horde gollem 1.0.1
horde gollem 1.0.3
horde gollem 1.1
horde gollem 1.0.2
horde gollem *
horde gollem 1.0.4
CVE-2010-3693 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via vectors related to displaying mailbox names.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware 1.0.4
horde groupware 1.1.2
horde groupware 1.2.3
horde groupware 1.1.3
horde dynamic_imp 1.1.1
horde groupware 1.2.2
horde groupware 1.2.5
horde dynamic_imp 1.1
horde groupware 1.0.6
horde groupware 1.2
horde groupware 1.0
horde dynamic_imp *
horde dynamic_imp 1.1.3
horde groupware 1.0.5
horde groupware 1.0.3
horde groupware 1.0.7
horde groupware 1.2.1
horde groupware 1.0.1
horde groupware *
horde groupware 1.1.1
horde groupware 1.0.2
horde groupware 1.1.5
horde groupware 1.2.4
horde groupware 1.1
horde groupware 1.1.6
horde groupware 1.1.4
horde groupware 1.0.8
horde dynamic_imp 1.0
horde dynamic_imp 1.1.2
CVE-2010-3694 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hijack the authentication of unspecified victims for requests to a preference form.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
horde horde_application_framework 2.1
horde horde_application_framework 3.0.1
horde horde_application_framework *
horde horde_application_framework 3.0.7
horde horde_application_framework 3.0.11
horde horde_application_framework 3.3.6
horde horde_application_framework 3.3.1
horde horde_application_framework 1.3.2
horde horde_application_framework 3.0.10
horde horde_application_framework 3.1.4
horde horde_application_framework 3.2
horde horde_application_framework 3.0.9
horde horde_application_framework 3.3
horde horde_application_framework 3.0.12
horde horde_application_framework 3.2.1
horde horde_application_framework 2.2.9
horde horde_application_framework 3.3.5
horde horde_application_framework 2.2.3
horde horde_application_framework 1.3.1
horde horde_application_framework 3.1.9
horde horde_application_framework 3.0.2
horde horde_application_framework 2.2
horde horde_application_framework 1.0.3
horde horde_application_framework 2.2.2
horde horde_application_framework 3.0
horde horde_application_framework 3.1.7
horde horde_application_framework 3.1.2
horde horde_application_framework 2.2.1
horde horde_application_framework 3.1
horde horde_application_framework 3.2.5
horde horde_application_framework 3.3.7
horde horde_application_framework 2.2.4
horde horde_application_framework 1.3.0
horde horde_application_framework 2.2.7
horde horde_application_framework 1.1.1
horde horde_application_framework 3.1.3
horde horde_application_framework 3.0.4
horde horde_application_framework 3.1.6
horde horde_application_framework 3.2.4
horde horde_application_framework 2.0
horde horde_application_framework 2.2.5
horde horde_application_framework 2.2.6
horde horde_application_framework 3.3.3
horde horde_application_framework 3.3.2
horde horde_application_framework 3.2.2
horde horde_application_framework 3.2.3
horde horde_application_framework 3.3.4
horde horde_application_framework 3.1.1
horde horde_application_framework 2.2.8
horde horde_application_framework 3.0.3
horde horde_application_framework 1.3.5
horde horde_application_framework 3.0.6
horde horde_application_framework 1.3.4
horde horde_application_framework 3.0.8
horde horde_application_framework 3.0.5
horde horde_application_framework 3.1.8
horde horde_application_framework 3.1.5
horde horde_application_framework 1.3.3
CVE-2010-3695 MEDIUM

Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related to the Fetchmail configuration.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde imp 4.1.3
horde imp 4.2.1
horde imp 3.2
horde imp 4.3.3
horde groupware 1.1.3
horde imp 2.3
horde imp 3.2.2
horde imp 4.0
horde groupware 1.2.2
horde groupware 1.2.5
horde imp 4.0.1
horde groupware 1.2
horde imp 3.2.7
horde imp 4.3.2
horde imp 4.2
horde imp 4.3.4
horde imp 2.2.4
horde imp 2.2.5
horde imp 4.3.1
horde groupware *
horde groupware 1.0.2
horde groupware 1.1.5
horde imp 3.1.2
horde groupware 1.2.4
horde imp 4.0.3
horde groupware 1.1.6
horde imp 4.2.2
horde imp 2.2
horde groupware 1.0.8
horde imp 4.1.5
horde imp 2.2.1
horde imp 3.2.1
horde groupware 1.0.4
horde groupware 1.1.2
horde imp 3.2.5
horde groupware 1.2.3
horde imp 2.2.2
horde imp 3.0
horde imp 4.0.2
horde imp 2.0
horde imp 4.3
horde imp 2.2.8
horde groupware 1.0.6
horde groupware 1.0
horde groupware 1.0.5
horde groupware 1.0.3
horde imp 2.2.3
horde imp 2.2.7
horde imp 3.2.4
horde groupware 1.0.7
horde groupware 1.2.1
horde imp 3.2.3
horde groupware 1.0.1
horde groupware 1.1.1
horde imp 4.0.4
horde imp 3.2.6
horde imp 3.1
horde groupware 1.1
horde imp 4.1.6
horde groupware 1.1.4
horde imp 2.2.6
horde imp 4.3.5
horde imp 4.3.6
horde imp *
CVE-2010-4778 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde Groupware Webmail Edition before 1.2.7, allow remote attackers to inject arbitrary web script or HTML via the (1) username (aka fmusername), (2) password (aka fmpassword), or (3) server (aka fmserver) field in a fetchmail_prefs_save action, related to the Fetchmail configuration, a different issue than CVE-2010-3695. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde imp 4.1.3
horde imp 4.2.1
horde imp 3.2
horde imp 4.3.3
horde groupware 1.1.3
horde imp 2.3
horde imp 3.2.2
horde imp 4.0
horde groupware 1.2.2
horde groupware 1.2.5
horde imp 4.0.1
horde groupware 1.2
horde imp 3.2.7
horde imp 4.3.2
horde imp 4.2
horde imp 4.3.4
horde imp 2.2.4
horde imp 2.2.5
horde imp 4.3.1
horde groupware *
horde groupware 1.0.2
horde groupware 1.1.5
horde imp 3.1.2
horde groupware 1.2.4
horde imp 4.0.3
horde groupware 1.1.6
horde imp 4.2.2
horde imp 2.2
horde groupware 1.0.8
horde imp 4.1.5
horde imp 2.2.1
horde imp 3.2.1
horde groupware 1.0.4
horde groupware 1.1.2
horde imp 3.2.5
horde groupware 1.2.3
horde imp 2.2.2
horde imp 3.0
horde imp 4.0.2
horde imp 2.0
horde imp 4.3
horde imp 2.2.8
horde groupware 1.0.6
horde groupware 1.0
horde groupware 1.0.5
horde groupware 1.0.3
horde imp 2.2.3
horde imp 2.2.7
horde imp 3.2.4
horde groupware 1.0.7
horde groupware 1.2.1
horde imp 3.2.3
horde groupware 1.0.1
horde groupware 1.1.1
horde imp 4.0.4
horde imp 3.2.6
horde imp 3.1
horde groupware 1.1
horde imp 4.1.6
horde groupware 1.1.4
horde imp 2.2.6
horde imp 4.3.5
horde imp 4.3.6
horde imp *
CVE-2012-0791 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edition before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) composeCache, (2) rtemode, or (3) filename_* parameters to the compose page; (4) formname parameter to the contacts popup window; or (5) IMAP mailbox names. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware_webmail_edition 1.0.4
horde dynamic_imp 5.0.1
horde imp 3.2
horde imp 4.3.3
horde dynamic_imp 5.0.12
horde dynamic_imp 1.1
horde imp 4.0.1
horde imp 4.2
horde imp 2.2.4
horde groupware_webmail_edition 1.0
horde groupware_webmail_edition 1.2.3
horde dynamic_imp 5.0.13
horde groupware_webmail_edition 1.1
horde imp 2.2.5
horde imp 4.3.1
horde imp 4.3.8
horde groupware_webmail_edition 1.2.1
horde groupware_webmail_edition 1.2.2
horde imp 3.1.2
horde groupware_webmail_edition 1.0.7
horde groupware_webmail_edition 1.2.8
horde imp 4.0.3
horde groupware_webmail_edition 1.2.7
horde groupware_webmail_edition *
horde dynamic_imp 5.0
horde dynamic_imp 5.0.8
horde groupware_webmail_edition 1.2.6
horde imp 2.2
horde groupware_webmail_edition 1.1.3
horde groupware_webmail_edition 1.2.9
horde imp 4.1.5
horde dynamic_imp 5.0.9
horde imp 4.3.9
horde groupware_webmail_edition 1.0.1
horde dynamic_imp 1.1.5
horde groupware_webmail_edition 1.1.1
horde groupware_webmail_edition 4.0.3
horde groupware_webmail_edition 1.2
horde imp 5.0.1
horde imp 4.3
horde groupware_webmail_edition 1.1.4
horde groupware_webmail_edition 1.1.5
horde groupware_webmail_edition 1.2.5
horde groupware_webmail_edition 4.0.1
horde dynamic_imp 5.0.4
horde imp 4.3.7
horde imp 5.0.3
horde imp 3.2.3
horde dynamic_imp 5.0.15
horde imp 3.2.6
horde imp 5.0.2
horde groupware_webmail_edition 1.0.8
horde imp 2.2.6
horde imp 4.3.5
horde dynamic_imp 1.1.2
horde groupware_webmail_edition 1.2.4
horde imp 4.1.3
horde groupware_webmail_edition 1.0.6
horde imp 4.2.1
horde groupware_webmail_edition 4.0.2
horde imp 2.3
horde imp 3.2.2
horde imp 4.0
horde dynamic_imp 5.0.10
horde dynamic_imp 5.0.5
horde imp 3.2.7
horde groupware_webmail_edition 1.2.10
horde dynamic_imp *
horde dynamic_imp 1.1.3
horde dynamic_imp 5.0.16
horde imp 4.3.2
horde dynamic_imp 5.0.3
horde dynamic_imp 5.0.7
horde imp 4.3.4
horde dynamic_imp 1.1.4
horde groupware_webmail_edition 1.1.6
horde groupware_webmail_edition 4.0
horde groupware_webmail_edition 1.0.3
horde groupware_webmail_edition 1.0.2
horde imp 4.2.2
horde dynamic_imp 5.0.6
horde dynamic_imp 1.0
horde imp 2.2.1
horde imp 3.2.1
horde groupware_webmail_edition 4.0.4
horde dynamic_imp 5.0.2
horde imp 3.2.5
horde imp 2.2.2
horde imp 3.0
horde imp 4.0.2
horde dynamic_imp 1.1.1
horde imp 2.0
horde imp 2.2.8
horde imp 2.2.3
horde imp 2.2.7
horde imp 3.2.4
horde imp 5.0.4-git
horde dynamic_imp 5.0.11
horde imp 4.0.4
horde imp 5.0
horde dynamic_imp 5.0.14
horde imp 3.1
horde groupware_webmail_edition 1.0.5
horde imp 4.1.6
horde dynamic_imp 1.1.6
horde groupware_webmail_edition 1.1.2
horde imp 4.3.6
CVE-2012-0909 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to email verification. NOTE: Some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware_webmail_edition 1.0.6
horde groupware_webmail_edition 1.0.4
horde groupware_webmail_edition 1.0.1
horde groupware_webmail_edition 1.1.1
horde groupware_webmail_edition 4.0.3
horde groupware_webmail_edition 4.0.2
horde groupware_webmail_edition 1.2
horde groupware_webmail_edition 1.1.4
horde groupware_webmail_edition 1.2.10
horde groupware_webmail_edition 1.1.5
horde groupware_webmail_edition 1.2.5
horde groupware_webmail_edition 4.0.1
horde groupware_webmail_edition 1.0
horde groupware_webmail_edition 1.2.3
horde groupware_webmail_edition 1.1
horde groupware_webmail_edition 1.1.6
horde groupware_webmail_edition 4.0
horde groupware_webmail_edition 1.2.1
horde groupware_webmail_edition 1.2.2
horde groupware_webmail_edition 1.0.5
horde groupware_webmail_edition 1.0.7
horde groupware_webmail_edition 1.2.8
horde groupware_webmail_edition 1.0.3
horde groupware_webmail_edition 1.2.7
horde groupware_webmail_edition *
horde groupware_webmail_edition 1.0.2
horde groupware_webmail_edition 1.0.8
horde groupware_webmail_edition 1.2.6
horde groupware_webmail_edition 1.1.3
horde groupware_webmail_edition 1.2.9
horde groupware_webmail_edition 1.1.2
horde groupware_webmail_edition 4.0.4
horde groupware_webmail_edition 1.2.4
CVE-2012-6620 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the (1) tasks and (2) search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde kronolith_h4 3.0.5
horde kronolith_h4 3.0.14
horde kronolith_h4 3.0.15
horde kronolith_h4 3.0.2
horde kronolith_h4 3.0.11
horde kronolith_h4 3.0.12
horde kronolith_h4 *
horde kronolith_h4 3.0.7
horde kronolith_h4 3.0.10
horde kronolith_h4 3.0.1
horde kronolith_h4 3.0
horde kronolith_h4 3.0.9
horde kronolith_h4 3.0.13
horde kronolith_h4 3.0.4
horde kronolith_h4 3.0.6
horde kronolith_h4 3.0.8
horde kronolith_h4 3.0.3
CVE-2012-6640 MEDIUM

Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde imp 5.0.9
horde groupware 4.0.6
horde imp 5.0.6
horde imp 5.0.10
horde imp 5.0.1
horde imp 5.0.15
horde imp 5.0.19
horde imp 5.0.8
horde imp 5.0.11
horde groupware 4.0.5
horde imp 5.0.17
horde imp 5.0.12
horde groupware 4.0.2
horde imp 5.0.4
horde groupware 4.0.4
horde imp 5.0.5
horde groupware 4.0.3
horde groupware 4.0
horde groupware 4.0.7
horde imp 5.0.3
horde imp 5.0.7
horde groupware *
horde imp 5.0
horde imp 5.0.16
horde imp 5.0.14
horde imp 5.0.20
horde imp 5.0.18
horde imp 5.0.2
horde imp 5.0.13
horde imp *
horde groupware 4.0.1
CVE-2013-6275 MEDIUM

Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
debian debian_linux 10.0
horde groupware *
CVE-2013-6364 MEDIUM

Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-352,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
debian debian_linux 10.0
horde groupware 5.1.2
CVE-2013-6365 LOW

Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N 1.6 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-352,

Products Affected

Vendor Product Version
debian debian_linux 9.0
opensuse opensuse 13.2
debian debian_linux 8.0
opensuse opensuse 13.1
debian debian_linux 10.0
horde groupware 5.1.2
CVE-2014-1691 HIGH

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
horde horde_application_framework 5.0.2
horde horde_application_framework 5.0.4
horde horde_application_framework 5.0.3
horde horde_application_framework *
horde horde_application_framework 5.0.0
horde horde_application_framework 5.0.1
CVE-2014-3999 MEDIUM

The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
horde horde_ldap *
CVE-2014-4945 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox or (2) message view.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware 5.1.0
horde internet_mail_program 6.0.3
horde internet_mail_program 6.1.1
horde groupware 5.1.3
horde groupware 5.1.1
horde internet_mail_program 6.0.2
horde internet_mail_program 6.1.3
horde internet_mail_program 6.0.0
horde internet_mail_program *
horde internet_mail_program 6.0.5
horde internet_mail_program 6.0.6
horde internet_mail_program 6.0.1
horde groupware 5.0.5
horde groupware 5.0.1
horde internet_mail_program 6.1.0
horde groupware 5.0.3
horde internet_mail_program 6.1.5
horde groupware *
horde internet_mail_program 6.1.6
horde groupware 5.0.4
horde internet_mail_program 6.1.2
horde groupware 5.0.0
horde groupware 5.1.2
horde internet_mail_program 6.1.4
horde groupware 5.0.2
horde internet_mail_program 6.0.4
CVE-2014-4946 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) before 6.1.8, as used in Horde Groupware Webmail Edition before 5.1.5, allow remote attackers to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name in the dynamic mailbox view.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware 5.1.0
horde internet_mail_program 6.0.3
horde internet_mail_program 6.1.1
horde groupware 5.1.3
horde groupware 5.1.1
horde internet_mail_program 6.0.2
horde internet_mail_program 6.1.3
horde internet_mail_program 6.0.0
horde internet_mail_program *
horde internet_mail_program 6.0.5
horde internet_mail_program 6.0.6
horde internet_mail_program 6.0.1
horde groupware 5.0.5
horde groupware 5.0.1
horde internet_mail_program 6.1.0
horde groupware 5.0.3
horde internet_mail_program 6.1.5
horde groupware *
horde internet_mail_program 6.1.6
horde groupware 5.0.4
horde internet_mail_program 6.1.2
horde groupware 5.0.0
horde groupware 5.1.2
horde internet_mail_program 6.1.4
horde groupware 5.0.2
horde internet_mail_program 6.0.4
CVE-2015-7984 MEDIUM

Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
debian debian_linux 8.0
horde horde_application_framework *
horde groupware *
CVE-2015-8807 MEDIUM

Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving numeric form fields.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 22
fedoraproject fedora 23
debian debian_linux 8.0
horde groupware 5.2.11
CVE-2016-2228 MEDIUM

Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated by a request to xplorer/gollem/manager.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
fedoraproject fedora 22
fedoraproject fedora 23
debian debian_linux 8.0
horde groupware *
horde horde_groupware *
CVE-2016-5303 MEDIUM

Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form (1) action or (2) xlink attribute.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware 5.2.15
CVE-2017-14650 MEDIUM

A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde code. Custom applications using the Horde_Image library might be affected. This vulnerability affects all versions of Horde_Image from 2.0.0 to 2.5.1, and is fixed in 2.5.2. The problem is missing input validation of the index field in _raw() during construction of an ImageMagick command line.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
horde horde_image_api 2.0.9
horde horde_image_api 2.3.4
horde horde_image_api 2.0.5
horde horde_image_api 2.4.1
horde horde_image_api 2.3.2
horde horde_image_api 2.0.3
horde horde_image_api 2.0.0
horde horde_image_api 2.2.0
horde horde_image_api 2.5.0
horde horde_image_api 2.1.0
horde horde_image_api 2.3.3
horde horde_image_api 2.3.6
horde horde_image_api 2.3.1
horde horde_image_api 2.4.0
horde horde_image_api 2.0.6
horde horde_image_api 2.0.4
horde horde_image_api 2.0.8
horde horde_image_api 2.0.1
horde horde_image_api 2.3.0
horde horde_image_api 2.0.2
horde horde_image_api 2.5.1
horde horde_image_api 2.0.7
horde horde_image_api 2.3.5
CVE-2017-15235 MEDIUM

The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-425,

Products Affected

Vendor Product Version
horde groupware 5.2.21
CVE-2017-16906 LOW

In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware *
CVE-2017-16907 LOW

In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware 5.2.21
horde groupware 5.2.19
CVE-2017-16908 LOW

In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware 5.2.19
CVE-2017-17688 MEDIUM

The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
microsoft outlook 2007
r2mail2 r2mail2 -
roundcube webmail -
emclient emclient -
apple mail -
flipdogsolutions maildroid -
postbox-inc postbox -
horde horde_imp -
bloop airmail -
freron mailmate -
mozilla thunderbird -
CVE-2017-17689 MEDIUM

The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
ibm notes -
microsoft outlook 2013
r2mail2 r2mail2 -
ritlabs the_bat -
microsoft outlook 2010
apple mail -
bloop airmail -
google gmail -
freron mailmate -
kde trojita -
microsoft outlook 2007
emclient emclient -
kde kmail -
microsoft outlook 2016
9folders nine -
flipdogsolutions maildroid -
postbox-inc postbox -
horde horde_imp -
gnome evolution -
mozilla thunderbird -
CVE-2017-7413 HIGH

In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
horde groupware *
CVE-2017-7414 MEDIUM

In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. To exploit this vulnerability, an attacker can send a PGP signed email (that is maliciously crafted) to the Horde user, who then must either view or preview it.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
horde groupware 5.0.3
horde groupware 5.2.4
horde groupware 5.1.0
horde groupware 5.2.5
horde groupware 5.1.3
horde groupware 5.2.2
horde groupware 5.2.1
horde groupware 5.0.4
horde groupware 5.1.1
horde groupware 5.1.5
horde groupware 5.0.0
horde groupware 5.1.2
horde groupware 5.0.2
horde groupware 5.1.4
horde groupware 5.2.3
horde groupware 5.2.7
horde groupware 5.2.6
horde groupware 5.0.5
horde groupware 5.2.0
horde groupware 5.0.1
CVE-2017-9773 MEDIUM

Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
horde horde_image 2.0.3
horde horde_image 2.4.2
horde horde_image 2.3.6
horde horde_image 2.2.1
horde horde_image 2.0.4
horde horde_image 2.4.1
horde horde_image 2.3.3
horde horde_image 2.0.2
horde horde_image 2.0.9
horde horde_image 2.1.1
horde horde_image 2.3.1
horde horde_image 2.3.5
horde horde_image 2.4.0
horde horde_image 2.3.7
horde horde_image 2.0.6
horde horde_image 2.1.10
horde horde_image 2.2.0
horde horde_image 2.0.7
horde horde_image 2.1.0
horde horde_image 2.0.5
horde horde_image 2.3.0
horde horde_image 2.3.4
horde horde_image 2.0.0
horde horde_image 2.0.1
horde horde_image 2.1.8
horde horde_image 2.3.2
CVE-2017-9774 MEDIUM

Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
horde horde_image_api 2.0.9
horde horde_image_api 2.3.4
horde horde_image_api 2.0.5
horde horde_image_api 2.4.1
horde horde_image_api 2.3.2
horde horde_image_api 2.0.3
horde horde_image_api 2.0.0
horde horde_image_api 2.2.0
horde horde_image_api 2.1.0
horde horde_image_api 2.3.3
horde horde_image_api 2.3.6
horde horde_image_api 2.3.1
horde horde_image_api 2.4.0
horde horde_image_api 2.0.6
horde horde_image_api 2.0.4
horde horde_image_api 2.0.8
horde horde_image_api 2.0.1
horde horde_image_api 2.3.0
horde horde_image_api 2.0.2
horde horde_image_api 2.0.7
horde horde_image_api 2.3.5
CVE-2019-12094 MEDIUM

Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware *
CVE-2019-12095 MEDIUM

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-352,

Products Affected

Vendor Product Version
horde groupware *
CVE-2019-9858 MEDIUM

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload(), which uses unsanitized user input as a path to save the image. The unsanitized POST parameter object[photo][img][file] is saved in the $upload[img][file] PHP variable, allowing an attacker to manipulate the $tmp_file passed to move_uploaded_file() to save the uploaded file. By setting the parameter to (for example) ../usr/share/horde/static/bd.php, one can write a PHP backdoor inside the web root. The static/ destination folder is a good candidate to drop the backdoor because it is always writable in Horde installations. (The unsanitized POST parameter went probably unnoticed because it's never submitted by the forms, which default to securely using a random path.)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
debian debian_linux 9.0
debian debian_linux 8.0
horde groupware 5.2.22
horde groupware 5.2.17
CVE-2020-8034 MEDIUM

Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde gollem *
horde groupware 5.2.22
CVE-2020-8035 MEDIUM

The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
horde groupware *
CVE-2020-8518 HIGH

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 31
horde groupware 5.2.22
CVE-2020-8865 MEDIUM

This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10469.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-23,CWE-22,

Products Affected

Vendor Product Version
debian debian_linux 8.0
horde groupware 5.2.22
CVE-2020-8866 MEDIUM

This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. Was ZDI-CAN-10125.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,CWE-434,

Products Affected

Vendor Product Version
debian debian_linux 8.0
horde horde_form *
horde groupware 5.2.22
CVE-2021-26929 MEDIUM

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
horde groupware *
CVE-2022-26874 LOW

lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
debian debian_linux 9.0
horde horde_mime_viewer *
debian debian_linux 10.0
CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.0 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 2.1 5.9

Products Affected

Vendor Product Version
debian debian_linux 10.0
horde groupware *
CVE-2025-41066

Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user.

Products Affected

Vendor Product Version
horde groupware 5.2.22