10 matches found
[SECURITY] [DLA 2174-1] php-horde-data security update
Package : php-horde-data Version : 2.1.0-5+deb8u1 CVE ID : CVE-2020-8518 Debian Bug : 951537 A remote code execution vulnerability was discovered in the Horde Application Framework. An authenticated remote attacker could use this flaw to cause execution of uploaded CSV data. For Debian 8 "Jessie"...
CVE-2020-8518
creationtimestamp| type| source ---|---|--- 2020-03-23 12:42:56+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/hordecsvrce.rb 2024-02-06 15:08:35+00:00| exploited| https://t.me/CyberSecurityTechnologies/795 2025-02-06 03:13:44+00:00| seen|...
Horde 5.2.22 CSV Import Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Horde CSV import arbitrary PHP code execution', 'Description' = %q The HordeData module version 2.1.4 and before present in Horde Groupware versi...
Horde CSV import arbitrary PHP code execution
The HordeData module version 2.1.4 and before present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code thus achieving RCE on the server hosting the web application. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2020-8518
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...
CVE-2020-8518
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...
CVE-2020-8518
CVE-2020-8518 is an RCE in Horde Groupware Webmail Edition 5.2.22 via CSV data import, caused by arbitrary PHP code injection in the Horde_Data component. The vulnerability allows authenticated users to execute code on the server hosting the web application. Affected versions include Horde Groupw...
CVE-2020-8518
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...
Fedora 31 : php-horde-Horde-Data (2020-1e7cc91d55)
HordeData 2.1.5 - jan Fix Remote Code Execution vulnerability CVE-2020-8518, Reported by: Andrea Cardaci/SSD. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it...
Fedora: Security Advisory for php-horde-Horde-Data (FEDORA-2020-0248ad925e)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...