Horde 漏洞

时间轴

类型

产品

Horde Groupware Webmail Edition24
Horde Application Framework18
Horde IMP18
Horde Groupware16
Horde Kronolith10

修正

Official Fix88
Temporary Fix0
Workaround0
Unavailable0
Not Defined28

易受攻击性

High6
Functional0
Proof-of-Concept46
Unproven4
Not Defined60

访问向量

Not Defined0
Physical0
Local6
Adjacent2
Network108

身份验证

Not Defined0
High0
Low34
None82

用户交互

Not Defined0
Required82
None34

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤420
≤540
≤614
≤728
≤812
≤92
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤426
≤542
≤630
≤712
≤84
≤92
≤100

VulDB

≤10
≤20
≤30
≤422
≤544
≤610
≤730
≤810
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤62
≤78
≤82
≤96
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k22
<2k72
<5k20
<10k0
<25k2
<50k0
<100k0
≥100k0

本日攻击

<1k116
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

攻击市场容量

🔴 CTI 活动

Affected Products (28): Accounts (1), Application Framework (16), Chora (1), Forwards (1), Gollem (1), Groupware (18), Groupware Webmail Edition (19), Horde Application Framework (1), IMP (24), IMP Webmail (7), IMP Webmail Client (1), Ingo H3 (1), Kronolith (6), Kronolith H3 (3), Kronolith H4 (1), Manager (1), Mnemo (1), Nag (1), Nag Task List Manager H3 (1), Passwd (1), Turba (1), Turba Contact Manager (1), Turba Contact Manager H3 (1), Turba H3 (2), Vaction (1), Webmail (3), cPanel (1), passwd (1)

Link to Vendor Website: https://www.horde.org/

已发布BaseTemp漏洞Prod修正CTIEPSSCVE
2022-06-096.36.3Horde Webmail Address Book Driver.php create 权限升级Groupware SoftwareNot DefinedNot Defined0.040.00675CVE-2022-30287
2021-02-144.84.6Horde Groupware Webmail Edition Text Filter Library Text2html.php preProcess 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000.02166CVE-2021-26929
2020-05-185.24.6Horde Groupware Webmail Edition Image View Stored 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.040.00135CVE-2020-8035
2020-03-235.35.3Horde Groupware Webmail Edition add.php 权限升级Groupware SoftwareNot DefinedNot Defined0.000.00329CVE-2020-8866
2020-03-236.36.3Horde Groupware Webmail Edition edit.php 目录遍历Groupware SoftwareNot DefinedNot Defined0.030.00333CVE-2020-8865
2020-02-178.58.5Horde Groupware Webmail Edition CSV Data 权限升级Groupware SoftwareNot DefinedNot Defined0.000.96492CVE-2020-8518
2019-11-055.45.1Horde Groupware Webmail Edition basic.php 跨网站请求伪造Groupware SoftwareProof-of-ConceptOfficial Fix0.000.03280CVE-2013-6275
2019-11-054.84.3Horde Groupware Webmail Edition Permission edit.php 跨网站请求伪造Groupware SoftwareProof-of-ConceptNot Defined0.000.00197CVE-2013-6365
2019-11-056.55.9Horde Groupware Webmail Edition Virtual Address Book search.php 跨网站请求伪造Groupware SoftwareProof-of-ConceptNot Defined0.000.00459CVE-2013-6364
2019-10-246.56.5Horde Groupware Webmail Edition Trean 跨网站请求伪造Groupware SoftwareProof-of-ConceptNot Defined0.000.04910CVE-2019-12095
2019-10-245.25.2Horde Groupware Webmail Edition Tag Cloud 跨网站脚本Groupware SoftwareProof-of-ConceptNot Defined0.000.00753CVE-2019-12094
2019-05-297.57.5Horde Groupware Webmail Edition Image Upload Type.php onSubmit 权限升级Groupware SoftwareNot DefinedNot Defined0.000.94491CVE-2019-9858
2017-04-046.96.7Horde Groupware Webmail Edition Horde_Crypt 权限升级Groupware SoftwareNot DefinedOfficial Fix0.000.00181CVE-2017-7414
2017-04-047.57.4Horde Groupware Webmail Edition Horde_Crypt 权限升级Groupware SoftwareNot DefinedOfficial Fix0.030.94773CVE-2017-7413
2016-04-136.15.9Horde Groupware Webmail Edition _menubar.html.php 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000.00534CVE-2016-2228
2016-04-136.15.9Horde Groupware Webmail Edition Html.php _renderVarInput_number 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000.00434CVE-2015-8807
2015-11-194.33.9Horde Groupware cmdshell.php 跨网站请求伪造Groupware SoftwareProof-of-ConceptOfficial Fix0.000.00729CVE-2015-7984
2015-11-185.44.7Horde Groupware cmdshell.php 跨网站请求伪造Groupware SoftwareProof-of-ConceptOfficial Fix0.000.00729CVE-2015-7984
2014-07-074.34.1Horde IMP Flag/Mailbox 跨网站脚本Groupware SoftwareHighOfficial Fix0.020.00173CVE-2014-4946
2014-07-074.34.1Horde IMP Mailbox/Message View 跨网站脚本Groupware SoftwareHighOfficial Fix0.000.00173CVE-2014-4945
2014-06-037.36.4Horde Webmail Horde_ldap 弱身份验证Groupware SoftwareUnprovenOfficial Fix0.040.00829CVE-2014-3999
2014-04-054.34.1Horde Groupware 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.020.00136CVE-2012-6640
2014-04-054.34.1Horde Groupware Portal Blocks 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000.00316CVE-2012-5567
2014-04-054.34.1Horde Groupware 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000.00254CVE-2012-5565
2014-03-315.34.7Horde Webmail Redirect go.php 权限升级Groupware SoftwareProof-of-ConceptUnavailable0.040.00000

91 更多条目未显示

Do you need the next level of professionalism?

Upgrade your account now!