10 matches found
Debian: Security Advisory (DLA-2350-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-7984
Multiple cross-site request forgery CSRF vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary 1 commands via the cmd paramet...
CVE-2015-7984
Multiple cross-site request forgery CSRF vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary 1 commands via the cmd paramet...
CVE-2015-7984
CVE-2015-7984 cites CSRF vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 that allow remote attackers to hijack administrator authentication to perform requests executing arbitrary commands, SQL queries, or PHP code (via cmd, ...
CVE-2015-7984
Multiple cross-site request forgery CSRF vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary 1 commands via the cmd paramet...
Horde Groupware 5.2.10 Cross Site Request Forgery
Advisory ID: HTB23272 Product: Horde Groupware Vendor: http://www.horde.org Vulnerable Versions: 5.2.10 and probably prior Tested Version: 5.2.10 Advisory Publication: September 30, 2015 without technical details Vendor Notification: September 30, 2015 Vendor Patch: October 22, 2015 Public...
Horde Groupware 5.2.10 Cross Site Request Forgery Vulnerability
Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability. Product: Horde Groupware Vendor: http://www.horde.org Vulnerable Versions: 5.2.10 and probably prior Tested Version: 5.2.10 Advisory Publication: September 30, 2015 without technical details Vendor Notificatio...
Horde Groupware 5.2.10 - Cross-Site Request Forgery
Horde Groupware 5.2.10 - Cross-Site Request Forgery Advisory ID: HTB23272 Product: Horde Groupware Vendor: http://www.horde.org Vulnerable Versions: 5.2.10 and probably prior Tested Version: 5.2.10 Advisory Publication: September 30, 2015 without technical details Vendor Notification: September 3...
Horde Groupware 5.2.10 - Cross-Site Request Forgery
Advisory ID: HTB23272 Product: Horde Groupware Vendor: http://www.horde.org Vulnerable Versions: 5.2.10 and probably prior Tested Version: 5.2.10 Advisory Publication: September 30, 2015 without technical details Vendor Notification: September 30, 2015 Vendor Patch: October 22, 2015 Public...
Debian Security Advisory DSA 3391-1 (php-horde - security update)
It was discovered that the web-based administration interface in the Horde Application Framework did not guard against Cross-Site Request Forgery CSRF attacks. As a result, other, malicious web pages could cause Horde applications to perform actions as the Horde user. The oldstable distribution...