CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45800
https://notcve.org/view.php?id=CVE-2023-45800
13 Dec 2023 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hanbiro Hanbiro groupware allows Information Elicitation.This issue affects Hanbiro groupware: from V3.8.79 before V3.8.81.1. La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en el software colaborativo Hanbiro Hanbiro permite la obtención de información. Este problema afecta al software colaborativo Hanbiro: desde V3.8.79 antes de V3.8.8... • https://hanbiro.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 25%CPEs: 2EXPL: 1CVE-2022-30287
https://notcve.org/view.php?id=CVE-2022-30287
28 Jul 2022 — Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects. Horde Groupware Webmail Edition versiones hasta 5.2.22, permite un ataque de inyección de reflexión mediante el cual un atacante puede instanciar una clase de controlador. Esto conlleva a una deserialización arbitraria de objetos PHP • https://blog.sonarsource.com/horde-webmail-rce-via-email • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26630 – HANDY Groupware file download and execute vulnerability
https://notcve.org/view.php?id=CVE-2021-26630
19 May 2022 — Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function. Una vulnerabilidad de comprobación de entrada inapropiada en el módulo ActiveX de HANDY Groupware permite a atacantes descargar o ejecutar archivos arbitrarios. Esta vulnerabilidad puede ser explotada usando la ruta de descarga o ejecución de arch... • https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66723 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 2%CPEs: 2EXPL: 5CVE-2021-26929 – Horde Groupware Webmail 5.2.22 - Stored XSS
https://notcve.org/view.php?id=CVE-2021-26929
14 Feb 2021 — An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke use of \x00\x00\x00 and \x01\x01\x01 interferes with XSS defenses. Se detectó un problema de tipo XSS en Horde Groupware Webmail Edition versiones hasta 5.2.22 (donde es usada la biblioteca Horde_Text_Filter versi... • https://packetstorm.news/files/id/162194 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8035
https://notcve.org/view.php?id=CVE-2020-8035
18 May 2020 — The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL. La funcionalidad image view en Horde Groupware Webmail Edition versiones anteriores a 5.2.22, está afectada por una vulnerabilidad de tipo Cross-Site Scripting (XSS) almacenada por medio de una carga de imagen SVG ... • https://github.com/horde/base/blob/c00f2fdb222055fb2ccb6d53b5b5240c0a7d2a75/docs/CHANGES • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-7804
https://notcve.org/view.php?id=CVE-2020-7804
29 Apr 2020 — ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7, 8, and 10 allows an attacker to execute arbitrary command via the ShellExec method. ActiveX Control(HShell.dll) en Handy Groupware versión 1.7.3.1 para Windows 7, 8 y 10, permite a un atacante ejecutar un comando arbitrario por medio del método ShellExec. • http://www.handysoft.co.kr/product/product.html?seq=12 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 7CVE-2019-12094 – Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution
https://notcve.org/view.php?id=CVE-2019-12094
17 May 2019 — Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI. Horde Groupware Webmail Edition hasta la versión 5.2.22 permite XSS a través de admin / user.php? • https://packetstorm.news/files/id/152975 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 7CVE-2019-12095 – Horde Webmail 5.2.22 XSS / CSRF / SQL Injection / Code Execution
https://notcve.org/view.php?id=CVE-2019-12095
17 May 2019 — Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload. Horde Trean, como se utiliza en Horde Groupware Webmail Edition a través de 5.2.22 y otros productos, permite CSRF, como lo demuestra el parámetro treanBookmarkTags al trean / URI en un servidor de correo web. NOTA: treanBookmarkTags podría, por eje... • https://packetstorm.news/files/id/152975 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 81%CPEs: 4EXPL: 3CVE-2019-9858 – Horde Form Shell Upload
https://notcve.org/view.php?id=CVE-2019-9858
10 Apr 2019 — Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in forms. When the Horde_Form_Type_image method onSubmit() is called on uploads, it invokes the functions getImage() and _getUpload(), which uses unsanitized user input as a path to save the image. The unsanitized POST parameter object[photo][img][file] is saved in the $upload[img][file] PHP variable, allowing an attacker to manipulate the $tmp_file pas... • https://packetstorm.news/files/id/152476 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2017-16906
https://notcve.org/view.php?id=CVE-2017-16906
20 Nov 2017 — In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action. En Horde Groupware 5.2.19-5.2.22, existe XSS mediante el campo URL en una acción "Calendar -> New Event". • http://code610.blogspot.com/2017/11/rce-via-xss-horde-5219.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •