Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-3445

Malware in sbrugna...

4.3CVSS6.4AI score0.01788EPSS
Exploits1References15
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3447

Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...

4.3CVSS5.9AI score0.01788EPSS
Exploits1References3
Veracode
Veracode
added 2020/12/06 3:25 a.m.17 views

Authentication Bypass

php-horde-gollem is vulnerable to authentication bypass. The File Manager gollem module allows remote attackers to bypass Horde authentication for file downloads via a malicious fn parameter that corresponds to the exact filename...

7.5CVSS6AI score0.0553EPSS
Exploits3References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/08/31 12:0 a.m.19 views

Debian DLA-2352-1 : php-horde-gollem security update

The File Manager gollem module in Horde Groupware has allowed remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponded to the exact filename. For Debian 9 stretch, this problem has been fixed in version 3.0.10-1+deb9u2. We recommend that you...

7.5CVSS7.2AI score0.0553EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2020/08/30 12:0 a.m.12 views

Debian: Security Advisory (DLA-2352-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.0553EPSS
Exploits3References4
Debian
Debian
added 2020/08/29 8:5 p.m.23 views

[SECURITY] [DLA 2352-1] php-horde-gollem security update

Debian LTS Advisory DLA-2352-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 29, 2020 https://wiki.debian.org/LTS Package : php-horde-gollem Version : 3.0.10-1+deb9u2 CVE ID : CVE-2017-15235 The File Manager gollem module in Horde Groupware has allowed remot...

7.5CVSS7AI score0.0553EPSS
Exploits3
OSV
OSV
added 2020/08/29 12:0 a.m.23 views

DLA-2352-1 php-horde-gollem - security update

Bulletin has no description...

7.5CVSS7.4AI score0.0553EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/06/01 12:0 a.m.33 views

Debian DLA-2229-1 : php-horde-gollem security update

Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting XSS vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker could have obtained access to a victim's webmail...

6.1CVSS6.1AI score0.00974EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/06/01 12:0 a.m.13 views

Debian: Security Advisory (DLA-2229-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.3AI score0.00974EPSS
Exploits0References3
Debian
Debian
added 2020/05/31 2:51 p.m.60 views

[SECURITY] [DLA 2229-1] php-horde-gollem security update

Package : php-horde-gollem Version : 3.0.3-2+deb8u1 CVE ID : CVE-2020-8034 Debian Bug : 961649 Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting XSS vulnerability via the HTTP GET dir parameter in the browser functionality...

6.1CVSS6.3AI score0.00974EPSS
Exploits0
OSV
OSV
added 2020/05/31 12:0 a.m.19 views

DLA-2229-1 php-horde-gollem - security update

Bulletin has no description...

6.1CVSS6.1AI score0.00974EPSS
Exploits0
CNVD
CNVD
added 2020/05/19 12:0 a.m.3 views

Horde Gollem Cross-Site Scripting Vulnerability

Horde Groupware Webmail is a browser-based, enterprise-class communications suite from Horde, Inc. Gollem is a file manager used in it. A cross-site scripting vulnerability exists in Horde Gollem versions prior to 3.0.13 used in Horde Groupware Webmail Edition version 5.2.22 and other products,...

6.1CVSS6.4AI score0.00974EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2011/04/11 12:0 a.m.20 views

Horde Gollem 'file' Cross-Site Scripting Vulnerability

This host is running Horde Gollem and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbhordegollemfilexssvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Horde Gollem 'file' Cross-Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone...

4.3CVSS6.2AI score0.01788EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/04/11 12:0 a.m.17 views

Horde Gollem 'file' Cross-Site Scripting Vulnerability

Horde Gollem is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.7AI score0.01788EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/04/11 12:0 a.m.13 views

Horde Gollem Version Detection

The script detects the version of Horde Gollem on remote host and sets the KB. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0
NVD
NVD
added 2011/04/04 12:27 p.m.19 views

CVE-2010-3447

Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...

4.3CVSS5.6AI score0.01788EPSS
Exploits1References13
UbuntuCve
UbuntuCve
added 2011/04/04 12:27 p.m.20 views

CVE-2010-3447

Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...

4.3CVSS6AI score0.01788EPSS
Exploits1References2
Prion
Prion
added 2011/04/04 12:27 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the file parameter in a viewfile action...

4.3CVSS6.1AI score0.01788EPSS
Exploits1References13Affected Software1
CVE
CVE
added 2011/04/01 9:0 p.m.47 views

CVE-2010-3447

The CVE-2010-3447 entry describes a cross-site scripting (XSS) vulnerability in Horde Gollem’s file viewer. Specifically, view.php in the viewer accepts a file parameter in a view_file action, allowing remote attackers to inject arbitrary web script or HTML. Affected software is Horde Gollem up t...

4.3CVSS5.8AI score0.01788EPSS
Exploits1References13Affected Software1
OpenVAS
OpenVAS
added 2010/10/10 12:0 a.m.13 views

FreeBSD Ports: horde-gollem

The remote host is missing an update to the system as announced in the referenced advisory. VID e08c596e-cb28-11df-9c1b-0011098ad87f OpenVAS Vulnerability Test $ Description: Auto generated from VID e08c596e-cb28-11df-9c1b-0011098ad87f Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

7.4AI score
Exploits0
Rows per page
Query Builder