16 matches found
Horde 3.3.5 - "PHP_SELF" XSS vulnerability
No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...
Fedora 13 : horde-3.3.6-1.fc13 (2010-5563)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 12 : horde-3.3.6-1.fc12 (2010-5520)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 11 : horde-3.3.6-1.fc11 (2010-5483)
Upgrade to 3.3.6 - Fixes a lot of security bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for horde FEDORA-2010-5483
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Debian DSA-1966-1 : horde3 - insufficient input sanitising
Several vulnerabilities have been found in horde3, the horde web application framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3237 It has been discovered that horde3 is prone to cross-site scripting attacks via crafted number preferences o...
openSUSE Security Update : horde (horde-1947)
This update of horde fixes : - CVE-2009-3236: CVSS v2 Base Score: 5.0: Overwrite arbitrary files and execute PHP code - CVE-2009-3237: CVSS v2 Base Score: 5.0: Cross-Site Scripting XSS - CVE-2009-3701: CVSS v2 Base Score: 4.3: Cross-Site Scripting XSS - CVE-2009-4363: CVSS v2 Base Score: 4.3:...
Debian: Security Advisory (DSA-1966-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-1966-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 07, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1966-1] New horde3 packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1966-1 [email protected] http://www.debian.org/security/ Steffen Joeris January 07, 2010 http://www.debian.org/security/faq -...
CVE-2009-3701
CVE-2009-3701 affects Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5. It enables remote XSS via PATH_INFO to admin/phpshell.php, admin/cmdshell.php, or admin/sqlshell.php, related to PHP_SELF. Impact is arbitrary script/HTM...
Horde 3.3.5 - 'PHP_SELF' Cross-Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...
Horde 3.3.5 - PHP_SELF Cross-Site Scripting
Horde 3.3.5 - PHPSELF Cross-Site Scripting ============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Bas...
Horde 3.3.5 Cross Site Scripting
============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...
Horde 3.3.5 "PHP_SELF" XSS vulnerability
Exploit for unknown platform in category web applications ======================================== Horde 3.3.5 "PHPSELF" XSS vulnerability ======================================== ============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date:...
[ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2009-012 - Original release date: October 13th, 2009 - Last revised: December 16th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3701 - Severity: 6.3/10 CVSS Base Score...