CVE-2006-4256
https://notcve.org/view.php?id=CVE-2006-4256
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS. index.php en Horde Application Framework anerior a 3.1.2 permite a atacantes remotos incluir páginas web de otros sitios, lo que podría ser útil para ataques de phishing, mediante una URL en el parámetro url, también conocido como "referencia en sitios cruzados" (cross-site referencing). NOTA: algunas fuetnes se han referido a este problema como XSS, pero es diferente del clásico XSS. • http://lists.horde.org/archives/announce/2006/000292.html http://secunia.com/advisories/21500 http://secunia.com/advisories/27565 http://securityreason.com/securityalert/1422 http://securitytracker.com/id?1016713 http://www.debian.org/security/2007/dsa-1406 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2456 http://www.securityfocus.com/archive/1/443360/100/0/threaded http://www.vupen.com/english/advisories/2006/3309 https://exchange.xforce.ibmcloud.com/vulnerabilities/28411 •
CVE-2006-3549
https://notcve.org/view.php?id=CVE-2006-3549
services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server. services/go.php en Horde Application Framework 3.0.0 hasta la 3.0.10 y 3.1.0 hasta la 3.1.1 no restringe de forma adecuada su capacidad de imagen de proxy, lo cual permite a atacantes remotos llevar a cabo ataques "Web tunneling" y utilizar el servidor como un proxy a través de la URL (1) http, (2) https, y (3) ftp en el parámetro URL, el cual es respondido desde el servidor. • http://lists.horde.org/archives/announce/2006/000287.html http://lists.horde.org/archives/announce/2006/000288.html http://moritz-naumann.com/adv/0011/hordemulti/0011.txt http://secunia.com/advisories/20954 http://secunia.com/advisories/21459 http://secunia.com/advisories/27565 http://securityreason.com/securityalert/1229 http://securitytracker.com/id?1016442 http://www.debian.org/security/2007/dsa-1406 http://www.novell.com/linux/security/advisories/2006_19_sr.html http:/ •
CVE-2006-1491 – Horde 3.0.9/3.1.0 - Help Viewer Remote Code Execution
https://notcve.org/view.php?id=CVE-2006-1491
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer. • https://www.exploit-db.com/exploits/1660 http://cvs.horde.org/diff.php?f=horde%2Fservices%2Fhelp%2Findex.php&r1=2.85&r2=2.86 http://lists.horde.org/archives/announce/2006/000271.html http://lists.horde.org/archives/announce/2006/000272.html http://secunia.com/advisories/19485 http://secunia.com/advisories/19504 http://secunia.com/advisories/19528 http://secunia.com/advisories/19619 http://secunia.com/advisories/19692 http://securitytracker.com/id?1015841 http://www • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2005-4190
https://notcve.org/view.php?id=CVE-2005-4190
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework before 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and (3) Label search fields, (4) the Mobile Phone field, and (5) Date and (6) Time fields when importing CSV files, as exploited through modules such as (a) Turba Address Book, (b) Kronolith, (c) Mnemo, and (d) Nag. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Horde Application Framework anteriores a 3.0.8 permiten a usuarios remotos autenticados inyectar HTML o 'script' web de su elección mediante múltiples vectores, como se ha demostrado mediante (1) el campo identidad, (2) los campos de búsqueda "Category" y (3) "Label", (4) el campo "Mobile Phone", y (5) los campos "Date" y "Time" cuando se importa ficheros CSV, lo cual ha sido explotado mediante módulos como (a) Turba Address Book, (b) Kronolith, (c) Mnemo, y (d) Nag. • http://lists.horde.org/archives/announce/2005/000238.html http://secunia.com/advisories/17970 http://secunia.com/advisories/19619 http://secunia.com/advisories/19897 http://secunia.com/advisories/20960 http://www.debian.org/security/2006/dsa-1033 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.novell.com/linux/security/advisories/2006_16_sr.html http://www.sec-consult.com/245.html http://www.securityfocus.com/bid/15802 http://www.securit • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •