23 matches found
UBUNTU-CVE-2025-41066
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066 Disclosure of sensitive information in Horde Groupware
Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the...
CVE-2025-41066
The vulnerability concerns Horde Groupware v5.2.22. Affected component: Horde Groupware web interface. Root cause: unauthenticated user enumeration via HTTP request to /imp/attachment.php with parameters id and u, causing the server to reveal whether a user exists (returns an empty file when the ...
Improper Input Validation
prestashop/prestashop is vulnerable to Improper Input Validation. The vulnerability exists in the delete function of Attachment.php because the file parameter is not properly handled which allows an attacker to delete arbitrary files...
Design/Logic Flaw
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI...
CVE-2020-25124
The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI...
CVE-2018-18461
The Arigato Autoresponder and Newsletter aka bft-autoresponder v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments data to models/attachment.php...
Authorization Bypass
phpMyFAQ/phpMyFAQ is affected by an authorization bypass. A remote authenticated user, with the privileges Right to add attachments and Right to delete attachments but without the privilege Right to download the attachments, is able to download and read arbitrary attachments due to incorrect...
Dzzoffice v1.3.1 Arbitrary File Download Vulnerability in Multiple Pages
DzzOffice is an open source cloud storage management tool. In DzzOffice v1.3.1, an arbitrary file download vulnerability exists in the 'pdfviewer.php', 'view.php', 'download.php' and 'attachment.php' pages, which attackers can exploit to obtain sensitive information...
CVE-2011-3714
ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php...
Design/Logic Flaw
ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php...
HDwiki file upload leading to remote code execution vulnerability
Brief description: The Hudong Wiki open source system (HDwiki), China's first Chinese wiki system with independently owned intellectual property, was officially launched by Hudong Online (Beijing) Technology Co., Ltd. on November 28, 2006, aiming to provide the many wiki enthusiasts at home and abroad with a free, easy-to-use and powerful wiki site-building system. The launch of HDwiki filled the gap in Chinese wiki site-building systems. However, some upload functions in HDwiki have security flaws: the upload restrictions can be bypassed with certain data, ultimately giving control of the remote site. Detailed description: In lib/file.class.php, function uploadfile$attachment,$target,$maxsize=1024,$isimage...
Molyx Board 2.81 attachment.php page insufficient filtering leading to source code disclosure vulnerability
MolyX Board is one of the MolyX series of web application products. Developed by MolyX Studios after several years of market and technical research, building on the merits of many current forum programs and practices, and tailored to Chinese users' habits, it is a powerful, fast, high-performance and highly secure forum system. It is built with PHP and MySQL, its overall architecture follows the most advanced object-oriented approach, and it surpasses comparable products on the domestic and foreign markets in functionality, speed, performance, security, development philosophy and innovation. Within just a few months of release, MolyX Board won wide praise and recognition from a large number of users and industry experts, and more and more users have chosen MolyX Board as the forum community solution for their websites. In the attachment.php page 1...
phpBugTracker 1.0.1 File Disclosure
» Note: Tribute to the martyrs of Gaza. » phpBugTracker v1.0.1 File Disclosure Vulnerability...
CVE-2007-2911
CVE-2007-2911 : A SQL injection in Jelsoft’s vBulletin admincp/attachment.php (before 3.6.6) allows remote authenticated administrators to execute arbitrary SQL via the "Attached After" field (GPC['search']['datelineafter']). This is related to CVE-2007-1573. Affected product/version: vBulletin p...
SQL injection
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field...
CVE-2007-1573
SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field...
CVE-2007-1573
CVE-2007-1573 affects Jelsoft vBulletin 3.6.5. The vulnerability is an SQL injection in admincp/attachment.php via the Attached Before field, enabling remote authenticated administrators to execute arbitrary SQL commands. The connected sources cite the same vector and impact; no patch/version rem...
CVE-2006-6999
attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter...
CVE-2006-6999
The CVE-2006-6999 entry concerns attachment.php in Headstart Solutions DeskPRO, where remote attackers can read all uploaded files by supplying a modified id parameter. The vulnerability is evidenced across multiple sources (NVD, Red Hat advisory, CVE listings) with the core issue being an insecu...