EUVD-2025-200240

Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...

Horde Groupware 信息泄露漏洞

Horde Groupware is a collaboration software suite from Horde Open Source. An information disclosure vulnerability exists in Horde Groupware version v5.2.22, which originates from an unauthenticated attacker being able to determine whether a valid account exists by sending an HTTP request...

EUVD-2019-3746

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-8865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is...

PT-2022-4811 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition versions 5.2.22 and earlier Description: The issue allows for a reflection injection attack, leading to arbitrary deserialization of PHP objects. This can be exploited by an authenticated user to execute...

Spring Framework 输入验证错误漏洞

Spring Framework is the U.S. Spring team of a set of open source Java, JavaEE application framework . The framework helps developers build high-quality applications.Spring Framework versions prior to 5.3.20, 5.2.22 contain a denial-of-service vulnerability. An attacker can exploit this...

Spring Framework 输入验证错误漏洞

Spring Framework is the U.S. Spring team of a set of Java, JavaEE application framework . The framework helps developers build high-quality applications.Spring Framework 5.3.20 , 5.2.22 before the version of the denial of service vulnerability , the vulnerability stems from the data binding to th...

Horde Groupware Webmail < 5.2.22 XSS Vulnerability - Linux

Horde Groupware Webmail is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2020-20336 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: This issue allows remote attackers to execute local PHP files on affected installations. Authentication is required to exploit this issue. The specific flaw exists within the edit.ph...

DEBIAN-CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

PT-2020-20192 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition version 5.2.22 Description: The issue allows injection of arbitrary PHP code via CSV data, leading to remote code execution. Recommendations: For Horde Groupware Webmail Edition version 5.2.22, consider disabli...

Horde Groupware Webmail <= 5.2.22 RCE Vulnerability - Linux

Horde Groupware Webmail is prone to an authenticated remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

Unspecified Vulnerability in Oracle VM VirtualBox (CNVD-2019-27272)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The solution is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

openSUSE Security Update : virtualbox (openSUSE-2018-1443)

This update for virtualbox fixes the following issues : virtualbox was updated to version 5.2.22 released November 09 2018 by Oracle. Security issues fixed : - Fixed a guest-to-host excape via the e1000 virtual network driver bsc1115041. Non-security issues fixed : - Audio: Fixed a regression in...

Fedora 24 : php-PHPMailer (2017-c3dc97e1e1)

Version 5.2.22 January 5th 2017 - SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML without a $basedir will not import images wi...

PT-2017-16400 · Php +3 · Phpmailer +3

Name of the Vulnerable Software and Affected Versions: PHPMailer versions prior to 5.2.22 Description: An issue in PHPMailer's msgHTML method allows it to apply transformations to an HTML document, making it usable as an email message body. One transformation converts relative image URLs into...