Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 4:52 p.m.10 views

CVE-2020-8865

This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the paramstemplate parameter, the process doe...

6.5CVSS6.7AI score0.06808EPSS
Exploits4References1
debian
debian
added 2020/04/15 3:3 a.m.79 views

[SECURITY] [DLA 2175-1] php-horde-trean security update

Package : php-horde-trean Version : 1.1.1-2+deb8u1 CVE ID : CVE-2020-8865 Debian Bug : 955019 A directory traversal vulnerability resulting from insufficient input sanitization was discovered in the Horde Application Framework. An authenticated remote attacker could use this flaw to execute code ...

6.5CVSS6.7AI score0.06808EPSS
Exploits4
ubuntucve
ubuntucve
added 2020/03/23 9:15 p.m.25 views

CVE-2020-8865

This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the paramstemplate parameter, the process doe...

6.5CVSS6.4AI score0.06808EPSS
Exploits4References5
cve
cve
added 2020/03/23 8:15 p.m.75 views

CVE-2020-8865

CVE-2020-8865 affects Horde Groupware Webmail Edition 5.2.22. A flaw in edit.php when parsing params[template] allows an authenticated attacker to trigger improper file path handling and, with other vulnerabilities, execute code as the www-data user. Connected advisories confirm the issue and lin...

6.5CVSS6.3AI score0.06808EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder