Horde Luki w zabezpieczeniach

Oś czasu

Rodzaj

Groupware Software	116

Produkt

Horde Groupware Webmail Edition	24
Horde IMP	24
Horde Groupware	18
Horde Application Framework	12
Horde IMP Webmail	8

Przeciwdziałanie

Official Fix	96
Temporary Fix	0
Workaround	0
Unavailable	6
Not Defined	14

Wykorzystywanie

High	8
Functional	0
Proof-of-Concept	50
Unproven	2
Not Defined	56

Wektor dostępu

Not Defined	0
Physical	0
Local	2
Adjacent	0
Network	114

Uwierzytelnianie

Not Defined	0
High	0
Low	36
None	80

Interakcja z użytkownikiem

Not Defined	0
Required	88
None	28

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	10
≤5	40
≤6	30
≤7	20
≤8	12
≤9	4
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	20
≤5	44
≤6	34
≤7	6
≤8	8
≤9	4
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	12
≤5	44
≤6	24
≤7	20
≤8	14
≤9	2
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	0
≤7	12
≤8	2
≤9	2
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	18
<2k	74
<5k	18
<10k	4
<25k	2
<50k	0
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	116
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (28): Accounts (1), Application Framework (16), Chora (1), Forwards (1), Gollem (1), Groupware (18), Groupware Webmail Edition (19), Horde Application Framework (1), IMP (24), IMP Webmail (7), IMP Webmail Client (1), Ingo H3 (1), Kronolith (6), Kronolith H3 (3), Kronolith H4 (1), Manager (1), Mnemo (1), Nag (1), Nag Task List Manager H3 (1), Passwd (1), Turba (1), Turba Contact Manager (1), Turba Contact Manager H3 (1), Turba H3 (2), Vaction (1), Webmail (3), cPanel (1), passwd (1)

Link to Vendor Website: https://www.horde.org/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	EPSS	CTI	CVE
2022-06-09	6.3	6.3	Horde Webmail Address Book Driver.php create privilege escalation	Groupware Software	Not Defined	Not Defined	0.00675	0.04	CVE-2022-30287
2021-02-14	4.8	4.6	Horde Groupware Webmail Edition Text Filter Library Text2html.php preProcess cross site scripting	Groupware Software	Not Defined	Official Fix	0.02166	0.00	CVE-2021-26929
2020-05-18	5.2	4.6	Horde Groupware Webmail Edition Image View Stored cross site scripting	Groupware Software	Not Defined	Official Fix	0.00135	0.04	CVE-2020-8035
2020-03-23	5.0	5.0	Horde Groupware Webmail Edition add.php privilege escalation	Groupware Software	Not Defined	Not Defined	0.00565	0.08	CVE-2020-8866
2020-03-23	6.3	6.3	Horde Groupware Webmail Edition edit.php directory traversal	Groupware Software	Not Defined	Not Defined	0.00333	0.03	CVE-2020-8865
2020-02-17	8.5	8.5	Horde Groupware Webmail Edition CSV Data privilege escalation	Groupware Software	Not Defined	Not Defined	0.96492	0.05	CVE-2020-8518
2019-11-05	5.4	5.1	Horde Groupware Webmail Edition basic.php cross site request forgery	Groupware Software	Proof-of-Concept	Official Fix	0.03680	0.02	CVE-2013-6275
2019-11-05	4.8	4.3	Horde Groupware Webmail Edition Permission edit.php cross site request forgery	Groupware Software	Proof-of-Concept	Not Defined	0.00197	0.00	CVE-2013-6365
2019-11-05	6.5	5.9	Horde Groupware Webmail Edition Virtual Address Book search.php cross site request forgery	Groupware Software	Proof-of-Concept	Not Defined	0.00459	0.00	CVE-2013-6364
2019-10-24	6.5	6.5	Horde Groupware Webmail Edition Trean cross site request forgery	Groupware Software	Proof-of-Concept	Not Defined	0.04910	0.00	CVE-2019-12095
2019-10-24	5.2	5.2	Horde Groupware Webmail Edition Tag Cloud cross site scripting	Groupware Software	Proof-of-Concept	Not Defined	0.00753	0.02	CVE-2019-12094
2019-05-29	7.5	7.5	Horde Groupware Webmail Edition Image Upload Type.php onSubmit privilege escalation	Groupware Software	Not Defined	Not Defined	0.94491	0.02	CVE-2019-9858
2017-04-04	6.9	6.7	Horde Groupware Webmail Edition Horde_Crypt privilege escalation	Groupware Software	Not Defined	Official Fix	0.00181	0.00	CVE-2017-7414
2017-04-04	7.5	7.4	Horde Groupware Webmail Edition Horde_Crypt privilege escalation	Groupware Software	Not Defined	Official Fix	0.94773	0.03	CVE-2017-7413
2016-04-13	6.1	5.9	Horde Groupware Webmail Edition _menubar.html.php cross site scripting	Groupware Software	Not Defined	Official Fix	0.00534	0.00	CVE-2016-2228
2016-04-13	6.1	5.9	Horde Groupware Webmail Edition Html.php _renderVarInput_number cross site scripting	Groupware Software	Not Defined	Official Fix	0.00434	0.00	CVE-2015-8807
2015-11-19	4.3	3.9	Horde Groupware cmdshell.php cross site request forgery	Groupware Software	Proof-of-Concept	Official Fix	0.00729	0.00	CVE-2015-7984
2015-11-18	5.4	4.7	Horde Groupware cmdshell.php cross site request forgery	Groupware Software	Proof-of-Concept	Official Fix	0.00729	0.00	CVE-2015-7984
2014-07-07	4.3	4.1	Horde IMP Flag/Mailbox cross site scripting	Groupware Software	High	Official Fix	0.00240	0.00	CVE-2014-4946
2014-07-07	4.3	4.1	Horde IMP Mailbox/Message View cross site scripting	Groupware Software	High	Official Fix	0.00239	0.00	CVE-2014-4945
2014-06-03	7.3	6.4	Horde Webmail Horde_ldap weak authentication	Groupware Software	Unproven	Official Fix	0.00829	0.00	CVE-2014-3999
2014-04-05	4.3	4.1	Horde Groupware cross site scripting	Groupware Software	Not Defined	Official Fix	0.00146	0.00	CVE-2012-6640
2014-04-05	4.3	4.1	Horde Groupware Portal Blocks cross site scripting	Groupware Software	Not Defined	Official Fix	0.00316	0.00	CVE-2012-5567
2014-04-05	4.3	4.1	Horde Groupware cross site scripting	Groupware Software	Not Defined	Official Fix	0.00254	0.00	CVE-2012-5565
2014-03-31	5.3	4.7	Horde Webmail Redirect go.php privilege escalation	Groupware Software	Proof-of-Concept	Unavailable	0.00000	0.00

91 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 91 results.

◂ PoprzedniPrzeglądKolejny ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!