CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8035
https://notcve.org/view.php?id=CVE-2020-8035
The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL. La funcionalidad image view en Horde Groupware Webmail Edition versiones anteriores a 5.2.22, está afectada por una vulnerabilidad de tipo Cross-Site Scripting (XSS) almacenada por medio de una carga de imagen SVG que contiene una carga útil de JavaScript. Un atacante puede obtener acceso a una cuenta de correo web de una víctima al hacer que visite una URL maliciosa. • https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES https://lists.debian.org/debian-lts-announce/2020/05/msg00035.html https://lists.horde.org/archives/announce/2020/001290.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-7804
https://notcve.org/view.php?id=CVE-2020-7804
ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7, 8, and 10 allows an attacker to execute arbitrary command via the ShellExec method. ActiveX Control(HShell.dll) en Handy Groupware versión 1.7.3.1 para Windows 7, 8 y 10, permite a un atacante ejecutar un comando arbitrario por medio del método ShellExec. • http://www.handysoft.co.kr/product/product.html?seq=12 https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35368 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2CVE-2020-8865 – Horde Groupware Webmail Edition edit Page Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-8865
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the params[template] parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. • https://www.exploit-db.com/exploits/48209 https://www.exploit-db.com/exploits/48210 https://lists.debian.org/debian-lts-announce/2020/04/msg00009.html https://www.zerodayinitiative.com/advisories/ZDI-20-276 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2CVE-2020-8866 – Horde Groupware Webmail Edition add Page Unrestricted File Upload Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2020-8866
This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within add.php. The issue results from the lack of proper validation of user-supplied data, which can allow the upload of arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the www-data user. • https://www.exploit-db.com/exploits/48210 https://www.exploit-db.com/exploits/48209 https://lists.debian.org/debian-lts-announce/2020/03/msg00036.html https://lists.horde.org/archives/announce/2020/001288.html https://www.zerodayinitiative.com/advisories/ZDI-20-275 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 96%CPEs: 4EXPL: 3CVE-2020-8518 – Horde CSV import arbitrary PHP code execution
https://notcve.org/view.php?id=CVE-2020-8518
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution. Horde Groupware Webmail Edition versión 5.2.22, permite una inyección de código PHP arbitrario, por medio de datos CSV, conllevando a una ejecución de código remota. • https://www.exploit-db.com/exploits/48215 http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T https://lists.horde.org/archives/announce/2020/001285.html https://cardaci. • CWE-94: Improper Control of Generation of Code ('Code Injection') •