VYPR

Horde

by Horde (software)

Source repositories

CVEs (25)

  • CVE-2005-0378May 2, 2005
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.

  • CVE-2005-0961May 2, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title.

  • CVE-2003-0728Oct 20, 2003
    risk 0.00cvss epss 0.01

    Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL.

  • CVE-2002-0181Apr 22, 2002
    risk 0.00cvss epss 0.02

    Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.

  • CVE-2000-0910Dec 19, 2000
    risk 0.00cvss epss 0.00

    Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address.

Page 2 of 2