VYPR
Vendor

Horde (software)

Horde is a free web-based groupware. The components of this groupware rest on the Horde framework, a PHP-based framework that provides all the elements required for rapid web application development. Horde offers applications such as the Horde IMP email client, a groupware package, a wiki, and time and task tracking software.

Products: 36
CVEs: 123
Across products: 209
Status: Private

Recent CVEs

  • CVE-2017-7413 (High, Apr 4, 2017)
    risk 0.60, cvss 8.8, epss 0.40

    In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a…

  • CVE-2017-9774 (High, Jun 21, 2017)
    risk 0.57, cvss 8.8, epss 0.02

    Remote Code Execution was found in Horde_Image 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication.

  • CVE-2017-14650 (High, Sep 21, 2017)
    risk 0.53, cvss 8.1, epss 0.04

    A Remote Code Execution vulnerability has been found in the Horde_Image library when using the "Im" backend that utilizes ImageMagick's "convert" utility. It's not exploitable through any Horde application, because the code path to the vulnerability is not used by any Horde…

  • CVE-2017-15235 (High, Oct 11, 2017)
    risk 0.52, cvss 7.5, epss 0.06

    The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.

  • CVE-2017-7414 (High, Apr 4, 2017)
    risk 0.49, cvss 7.5, epss 0.01

    In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?"…

  • CVE-2014-3999 (High, Apr 10, 2018)
    risk 0.46, cvss 8.1, epss 0.03

    The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

  • CVE-2025-30349 (High, Mar 21, 2025)
    risk 0.44, cvss 7.2, epss 0.29

    Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail message with an onerror attribute (that may use base64-encoded JavaScript code), as exploited in the wild in March 2025.

  • CVE-2016-5303 (Medium, Dec 20, 2016)
    risk 0.40, cvss 6.1, epss 0.02

    Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form (1) action or (2) xlink…

  • CVE-2017-9773 (Medium, Jun 21, 2017)
    risk 0.37, cvss 5.7, epss 0.01

    Denial of Service was found in Horde_Image 2.x before 2.5.0 via a crafted URL to the "Null" image driver.

  • CVE-2017-16908 (Medium, Nov 20, 2017)
    risk 0.35, cvss 5.4, epss 0.02

    In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.

  • CVE-2017-16907 (Medium, Nov 20, 2017)
    risk 0.35, cvss 5.4, epss 0.01

    In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.

  • CVE-2017-16906 (Medium, Nov 20, 2017)
    risk 0.35, cvss 5.4, epss 0.01

    In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.

  • CVE-2007-1679 (Medium, Mar 26, 2007)
    risk 0.35, cvss 5.4, epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php and (2) ingo/rule.php. NOTE: this issue has been disputed by the vendor,…

  • CVE-2002-2024 (Medium, Dec 31, 2002)
    risk 0.35, cvss 5.3, epss 0.02

    Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages.

  • CVE-2016-2228 (Medium, Apr 13, 2016)
    risk 0.33, cvss 6.1, epss 0.02

    Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter, as demonstrated…

  • CVE-2015-8807 (Medium, Apr 13, 2016)
    risk 0.33, cvss 6.1, epss 0.02

    Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web…

  • CVE-2020-8518 (Feb 17, 2020)
    risk 0.10, cvss -, epss 0.71

    Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.

  • CVE-2019-9858 (May 29, 2019)
    risk 0.09, cvss -, epss 0.19

    Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and…

  • CVE-2012-0209 (Sep 25, 2012)
    risk 0.09, cvss -, epss 0.72

    Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse) in templates/javascript/open_calendar.js, which allows remote attackers…

  • CVE-2009-0932 (Mar 17, 2009)
    risk 0.06, cvss -, epss 0.41

    Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.