22 matches found
EUVD-2010-3445
Malware in sbrugna...
SUSE CVE-2010-3447
Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...
Authentication Bypass
php-horde-gollem is vulnerable to authentication bypass. The File Manager gollem module allows remote attackers to bypass Horde authentication for file downloads via a malicious fn parameter that corresponds to the exact filename...
Debian DLA-2352-1 : php-horde-gollem security update
The File Manager gollem module in Horde Groupware has allowed remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponded to the exact filename. For Debian 9 stretch, this problem has been fixed in version 3.0.10-1+deb9u2. We recommend that you...
Debian: Security Advisory (DLA-2352-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2352-1] php-horde-gollem security update
Debian LTS Advisory DLA-2352-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 29, 2020 https://wiki.debian.org/LTS Package : php-horde-gollem Version : 3.0.10-1+deb9u2 CVE ID : CVE-2017-15235 The File Manager gollem module in Horde Groupware has allowed remot...
DLA-2352-1 php-horde-gollem - security update
Bulletin has no description...
Debian DLA-2229-1 : php-horde-gollem security update
Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting XSS vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker could have obtained access to a victim's webmail...
Debian: Security Advisory (DLA-2229-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2229-1] php-horde-gollem security update
Package : php-horde-gollem Version : 3.0.3-2+deb8u1 CVE ID : CVE-2020-8034 Debian Bug : 961649 Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting XSS vulnerability via the HTTP GET dir parameter in the browser functionality...
DLA-2229-1 php-horde-gollem - security update
Bulletin has no description...
Horde Gollem Cross-Site Scripting Vulnerability
Horde Groupware Webmail is a browser-based, enterprise-class communications suite from Horde, Inc. Gollem is a file manager used in it. A cross-site scripting vulnerability exists in Horde Gollem versions prior to 3.0.13 used in Horde Groupware Webmail Edition version 5.2.22 and other products,...
Horde Gollem 'file' Cross-Site Scripting Vulnerability
This host is running Horde Gollem and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbhordegollemfilexssvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Horde Gollem 'file' Cross-Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone...
Horde Gollem 'file' Cross-Site Scripting Vulnerability
Horde Gollem is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Horde Gollem Version Detection
The script detects the version of Horde Gollem on remote host and sets the KB. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3447
Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...
CVE-2010-3447
Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...
Cross site scripting
Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...
CVE-2010-3447
The CVE-2010-3447 entry describes a cross-site scripting (XSS) vulnerability in Horde Gollem’s file viewer. Specifically, view.php in the viewer accepts a file parameter in a view_file action, allowing remote attackers to inject arbitrary web script or HTML. Affected software is Horde Gollem up t...
FreeBSD Ports: horde-gollem
The remote host is missing an update to the system as announced in the referenced advisory. VID e08c596e-cb28-11df-9c1b-0011098ad87f OpenVAS Vulnerability Test $ Description: Auto generated from VID e08c596e-cb28-11df-9c1b-0011098ad87f Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...