CVSS: 7.5EPSS: 94%CPEs: 6EXPL: 2CVE-2014-1691 – Horde Framework - Unserialize PHP Code Execution
https://notcve.org/view.php?id=CVE-2014-1691
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form. El script framework/Util/lib/Horde/Variables.php en la libraría de Util en Horde anterior a 5.1.1 permite a atacantes remotos realizar ataques de inyección de objetos y ejecutar código PHP arbitrario a través de un objeto serializado manipulado en el formulario _formvars. • https://www.exploit-db.com/exploits/32439 http://seclists.org/oss-sec/2014/q1/153 http://seclists.org/oss-sec/2014/q1/156 http://seclists.org/oss-sec/2014/q1/169 http://www.debian.org/security/2014/dsa-2853 https://github.com/horde/horde/blob/82c400788537cfc0106b68447789ff53793ac086/bundles/groupware/docs/CHANGES#L215 https://github.com/horde/horde/commit/da6afc7e9f4e290f782eca9dbca794f772caccb3 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 0%CPEs: 84EXPL: 0CVE-2010-3694
https://notcve.org/view.php?id=CVE-2010-3694
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hijack the authentication of unspecified victims for requests to a preference form. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en Horde Application Framework anterior a v3.3.9 permite a los atacantes remotos secuestrar la autenticación de víctimas sin especificar en peticiones a un formulario preferente. • http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html http://lists.horde.org/archives/announce/2010/000557.html http://secunia.com/advisories/42140 https://bugzilla.redhat.com/show_bug.cgi?id=630687 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 84EXPL: 2CVE-2010-3077 – Horde Application Framework 3.3.8 - 'icon_browser.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-3077
Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en util/icon_browser.php en el Horde Application Framework anterior a v3.3.9 que permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través del parámetro "subdir". • https://www.exploit-db.com/exploits/34605 http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html http://lists.horde.org/archives/announce/2010/000557.html http://seclists.org/fulldisclosure/2010/Sep/82 http://secunia.com/advisories/42140 https://bu • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 35EXPL: 0CVE-2009-3237
https://notcve.org/view.php?id=CVE-2009-3237
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; allow remote attackers to inject arbitrary web script or HTML via the (1) crafted number preferences that are not properly handled in the preference system (services/prefs.php), as demonstrated by the sidebar_width parameter; or (2) crafted unknown MIME "text parts" that are not properly handled in the MIME viewer library (config/mime_drivers.php). Múltiple vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Horde Application Framework desde v3.2 anteriores a v3.2.5 y desde v3.3 anteriores a v3.3.5; Groupware desde v1.1 anteriores a v1.1.6 y 1.2 anteriores a v1.2.4; y Groupware Webmail Edition desde v1.1 anteriores a v1.1.6 y desde v1.2 anteriores a v1.2.4; permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a través de (1) preferencias numéricas manipuladas que no han sido adecuadamente gestionadas en el sistema de preferencias (services/prefs.php), como quedo demostrado por el parámetro sidebar_width o (2) "fragmentos de texto" MIME desconocidos manipulados que no son gestionados adecuadamente por la librería de visor de MIME (config/mime_drivers.php). • http://bugs.horde.org/ticket/?id=8311 http://bugs.horde.org/ticket/?id=8399 http://marc.info/?l=horde-announce&m=125291625030436&w=2 http://marc.info/?l=horde-announce&m=125292088004087&w=2 http://marc.info/? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •