
CVSS: 6.1 • EPSS: 1% • CPEs: 25 • EXPL: 2

08 Dec 2005 — Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters. • https://www.exploit-db.com/exploits/26741 •

CVSS: 6.1 • EPSS: 0% • CPEs: 7 • EXPL: 0

27 Apr 2005 — Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. • http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.119&r2=1.389.2.125&ty=h •

CVSS: 6.1 • EPSS: 0% • CPEs: 19 • EXPL: 0

31 Dec 2004 — Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an e-mail message. • http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.106&r2=1.389.2.109&ty=h •

CVSS: 6.8 • EPSS: 1% • CPEs: 18 • EXPL: 0

23 Jun 2004 — Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability. • http://secunia.com/advisories/11805 •

CVSS: 9.8 • EPSS: 1% • CPEs: 9 • EXPL: 0

15 Jan 2003 — Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. • http://marc.info/?l=bugtraq&m=104204786206563&w=2 •

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Dec 2002 — Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages. • http://bugs.horde.org/show_bug.cgi?id=916 • CWE-219: Storage of File with Sensitive Data Under Web Root •

CVSS: 5.5 • EPSS: 0% • CPEs: 5 • EXPL: 0

22 Apr 2000 — The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. • http://marc.info/?l=bugtraq&m=95672120116627&w=2 •

CVSS: 5.5 • EPSS: 0% • CPEs: 7 • EXPL: 0

22 Apr 2000 — IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request. • http://marc.info/?l=bugtraq&m=95672120116627&w=2 •