413 matches found
Horde Groupware Unauthenticated Admin Access
Horde Groupware contains an administrative account with a blank password, which allows remote attackers to gain access. id: CVE-2005-3344 info: name: Horde Groupware Unauthenticated Admin Access author: pikpikcu severity: critical description: Horde Groupware contains an administrative account wi...
CVE-2022-26874
lib/Horde/Mime/Viewer/Ooo.php in Horde MimeViewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering...
CVE-2019-12094
Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=updatefname= or admin/user.php?form=removefname= or admin/config/diff.php?app= URI...
CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
Linux Distros Unpatched Vulnerability : CVE-2025-41066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system...
EUVD-2025-200240
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
DEBIAN-CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
UBUNTU-CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066 Disclosure of sensitive information in Horde Groupware
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066 Disclosure of sensitive information in Horde Groupware
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066
The vulnerability concerns Horde Groupware v5.2.22. Affected component: Horde Groupware web interface. Root cause: unauthenticated user enumeration via HTTP request to /imp/attachment.php with parameters id and u, causing the server to reveal whether a user exists (returns an empty file when the ...
Horde Groupware 信息泄露漏洞
Horde Groupware is a collaboration software suite from Horde Open Source. An information disclosure vulnerability exists in Horde Groupware version v5.2.22, which originates from an unauthenticated attacker being able to determine whether a valid account exists by sending an HTTP request...
EUVD-2016-6254
Malware in sbrugna...
EUVD-2012-0932
Malware in sbrugna...
EUVD-2017-8078
Malware in sbrugna...
EUVD-2013-6190
Malware in sbrugna...
EUVD-2020-29707
Malware in sbrugna...