27 matches found

EUVD
added 2025/12/02 3:30 p.m. · 3 views

EUVD-2025-200240

Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...

CVSS 6.9 · AI score 6.4 · EPSS 0.0005
Exploits: 0 · References: 2
CNNVD
added 2025/12/02 12:0 a.m. · 2 views

Horde Groupware Information Disclosure Vulnerability

Horde Groupware is a collaboration software suite from Horde Open Source. An information disclosure vulnerability exists in Horde Groupware version v5.2.22, which originates from an unauthenticated attacker being able to determine whether a valid account exists by sending an HTTP request...

CVSS 6.9 · AI score 6 · EPSS 0.0005
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2017-8076

Malware in sbrugna...

CVSS 5.4 · AI score 5.3 · EPSS 0.00249
Exploits: 1 · References: 5
EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2019-3746

Malware in sbrugna...

CVSS 6.1 · AI score 6.5 · EPSS 0.008
Exploits: 6 · References: 8
Tenable Nessus
added 2025/08/30 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-3309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is prior to 5.2.22. Easi...

CVSS 8.2 · AI score 7.6 · EPSS 0.00149
Exploits: 0 · References: 2
Tenable Nessus
added 2025/08/18 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-8865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is...

CVSS 6.5 · AI score 6.4 · EPSS 0.03897
Exploits: 4 · References: 2
Positive Technologies
added 2022/06/02 12:0 a.m. · 3 views

PT-2022-4811 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition versions 5.2.22 and earlier Description: The issue allows for a reflection injection attack, leading to arbitrary deserialization of PHP objects. This can be exploited by an authenticated user to execute...

CVSS 8 · AI score 8 · EPSS 0.226
Exploits: 1 · References: 27
OSV
added 2022/05/13 12:0 a.m. · 0 views

GHSA-RQPH-VQWM-22VC Allocation of Resources Without Limits or Throttling in Spring Framework

In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, an application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

CVSS 6.5 · AI score 6.9 · EPSS 0.00247
Exploits: 0 · References: 7
Positive Technologies
added 2022/05/12 12:0 a.m. · 2 views

PT-2022-6999 · Unknown +1 · Spring Framework +1

Name of the Vulnerable Software and Affected Versions: Spring Framework versions prior to 5.3.20 Spring Framework versions prior to 5.2.22 Spring Framework old unsupported versions Description: The application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an...

CVSS 6.8 · AI score 7 · EPSS 0.00247
Exploits: 0 · References: 21
CNNVD
added 2022/05/11 12:0 a.m. · 1 views

Spring Framework Input Validation Error Vulnerability

Spring Framework is a set of open source Java and Java EE application frameworks from the U.S. Spring team. The framework helps developers build high-quality applications. Spring Framework versions prior to 5.3.20, 5.2.22 contain a denial-of-service vulnerability. An attacker can exploit this...

CVSS 6.5 · AI score 7.5 · EPSS 0.00247
Exploits: 0 · References: 11
CNNVD
added 2022/05/11 12:0 a.m. · 2 views

Spring Framework Input Validation Error Vulnerability

Spring Framework is a set of Java and Java EE application frameworks from the U.S. Spring team. The framework helps developers build high-quality applications. Spring Framework versions before 5.3.20, 5.2.22 have a denial of service vulnerability; the vulnerability stems from the data binding to th...

CVSS 5.3 · AI score 7.1 · EPSS 0.00164
Exploits: 1 · References: 11
OpenVAS
added 2020/05/19 12:0 a.m. · 21 views

Horde Groupware Webmail < 5.2.22 XSS Vulnerability - Linux

Horde Groupware Webmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 6.1 · AI score 6 · EPSS 0.0045
Exploits: 0 · References: 1
Fedora
added 2020/04/30 3:43 a.m. · 11 views

[SECURITY] Fedora 31 Update: php-horde-horde-5.2.22-1.fc31

The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of...

AI score 0.2
Exploits: 0
Tenable Nessus
added 2020/04/30 12:0 a.m. · 108 views

Fedora 30 : php-horde-horde (2020-fd8761fd13)

horde 5.2.22 - jan SECURITY: Protect image processing service from rendering active SVG content within the browser. - jan SECURITY: Fix XSS vulnerabilities in administration interface. - jan Support Redis Sentinel configuration Michael Menge , Request 14998. - jan Use file hashing for detecting...

AI score 5.4
Exploits: 0 · References: 1
0day.today
added 2020/03/12 12:0 a.m. · 108 views

Horde Groupware Webmail Edition 5.2.22 - PHAR Loading Exploit

Exploit for php platform in category web applications exploit-phar-loading.py !/usr/bin/env python3 from horde import Horde import requests import subprocess import sys TEMPDIR = '/tmp' WWWROOT = '/var/www/html' if lensys.argv ' sys.exit1 baseurl = sys.argv1 username = sys.argv2 password =...

AI score 0.1 · EPSS 0.03897
Exploits: 4
Positive Technologies
added 2020/03/10 12:0 a.m. · 3 views

PT-2020-20336 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: This issue allows remote attackers to execute local PHP files on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the edit.ph...

CVSS 6.5 · AI score 6.3 · EPSS 0.03897
Exploits: 4 · References: 20
OSV
added 2020/02/17 3:15 p.m. · 1 views

DEBIAN-CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

CVSS 9.8 · AI score 7.7 · EPSS 0.84857
Exploits: 5 · References: 1
Positive Technologies
added 2020/02/17 12:0 a.m. · 2 views

PT-2020-20192 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: The issue allows injection of arbitrary PHP code via CSV data, leading to remote code execution. Recommendations: For Horde Groupware Webmail Edition version 5.2.22, consider disabli...

CVSS 9.8 · AI score 8 · EPSS 0.84857
Exploits: 5 · References: 28
OpenVAS
added 2019/06/04 12:0 a.m. · 42 views

Horde Groupware Webmail <= 5.2.22 RCE Vulnerability - Linux

Horde Groupware Webmail is prone to an authenticated remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

CVSS 8.8 · AI score 8.8 · EPSS 0.79838
Exploits: 3 · References: 2
OSV
added 2019/01/16 7:29 p.m. · 1 views

CVE-2018-3309

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is prior to 5.2.22. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVSS 8.2 · AI score 5.8
Exploits: 0 · References: 3