Lucene search
K

10 matches found

Debian
Debian
added 2020/04/15 3:2 a.m.125 views

[SECURITY] [DLA 2174-1] php-horde-data security update

Package : php-horde-data Version : 2.1.0-5+deb8u1 CVE ID : CVE-2020-8518 Debian Bug : 951537 A remote code execution vulnerability was discovered in the Horde Application Framework. An authenticated remote attacker could use this flaw to cause execution of uploaded CSV data. For Debian 8 "Jessie"...

9.8CVSS7.8AI score0.71728EPSS
Exploits5
Circl
Circl
added 2020/03/23 12:42 p.m.7 views

CVE-2020-8518

creationtimestamp| type| source ---|---|--- 2020-03-23 12:42:56+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/hordecsvrce.rb 2024-02-06 15:08:35+00:00| exploited| https://t.me/CyberSecurityTechnologies/795 2025-02-06 03:13:44+00:00| seen|...

9.8CVSS8.6AI score0.71728EPSS
Exploits5References2
Packet Storm
Packet Storm
added 2020/03/23 12:0 a.m.199 views

Horde 5.2.22 CSV Import Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Horde CSV import arbitrary PHP code execution', 'Description' = %q The HordeData module version 2.1.4 and before present in Horde Groupware versi...

7.5CVSS0.1AI score0.71728EPSS
Exploits5
Metasploit
Metasploit
added 2020/03/14 3:7 p.m.48 views

Horde CSV import arbitrary PHP code execution

The HordeData module version 2.1.4 and before present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code thus achieving RCE on the server hosting the web application. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS7.4AI score0.71728EPSS
Exploits5
NVD
NVD
added 2020/02/17 3:15 p.m.26 views

CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

9.8CVSS10AI score0.71728EPSS
Exploits5References5
UbuntuCve
UbuntuCve
added 2020/02/17 3:15 p.m.39 views

CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

9.8CVSS7.5AI score0.71728EPSS
Exploits5References4
CVE
CVE
added 2020/02/17 2:53 p.m.208 views

CVE-2020-8518

CVE-2020-8518 is an RCE in Horde Groupware Webmail Edition 5.2.22 via CSV data import, caused by arbitrary PHP code injection in the Horde_Data component. The vulnerability allows authenticated users to execute code on the server hosting the web application. Affected versions include Horde Groupw...

9.8CVSS9.8AI score0.71728EPSS
Exploits5References5Affected Software1
Debian CVE
Debian CVE
added 2020/02/17 2:53 p.m.54 views

CVE-2020-8518

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution...

9.8CVSS10AI score0.71728EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/02/14 12:0 a.m.41 views

Fedora 31 : php-horde-Horde-Data (2020-1e7cc91d55)

HordeData 2.1.5 - jan Fix Remote Code Execution vulnerability CVE-2020-8518, Reported by: Andrea Cardaci/SSD. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it...

9.8CVSS8.4AI score0.71728EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2020/02/14 12:0 a.m.61 views

Fedora: Security Advisory for php-horde-Horde-Data (FEDORA-2020-0248ad925e)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.71728EPSS
Exploits5References2
Rows per page
Query Builder