Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1322

Malware in sbrugna...

4.3CVSS6.4AI score0.01228EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Horde IMP Webmail <= 4.0.4 Client Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22975/info Horde IMP Webmail Client is prone to multiple input-validation vulnerabilities, including cross-site scripting and an HTML-injection issue, because the application fails to properly sanitize user-supplied input...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/27 12:0 a.m.24 views

Horde IMP Webmail 4.3.7 - &#039;fetchmailprefs.php&#039; HTML Injection

source: https://www.securityfocus.com/bid/43515/info Horde IMP Webmail is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data before it is used in dynamic content. Attacker-supplied HTML or JavaScript code could run in the context of the affected...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/03/15 12:0 a.m.50 views

[Full-disclosure] Horde IMP Webmail Client version H3 &#40;4.1.4&#41; fixes multiple XSS issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Horde IMP Webmail Client version H3 4.1.4 was released a few hours ago. It contains fixes for 2 XSS issues compared to 4.1.4 RC1. 1. Script injection through email subject lines in threaded view Subject lines of emails, when displayed in vulnerabl...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/15 12:0 a.m.20 views

Horde IMP Webmail 4.0.4 Client - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/22975/info Horde IMP Webmail Client is prone to multiple input-validation vulnerabilities, including cross-site scripting and an HTML-injection issue, because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and scrip...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/04/27 4:0 a.m.26 views

CVE-2005-1319

Cross-site scripting XSS vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title...

5.6AI score0.01228EPSS
Exploits0References3
CVE
CVE
added 2005/04/27 4:0 a.m.53 views

CVE-2005-1319

CVE-2005-1319 describes a cross-site scripting (XSS) vulnerability in the Horde IMP Webmail client, affecting versions prior to 3.2.8. The root cause is unsanitized input used to set the parent frame page title, allowing remote attackers to inject arbitrary script/HTML. Public references (NVD, SU...

4.3CVSS5.7AI score0.01228EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2001/11/10 12:0 a.m.53 views

Horde Imp Webmail status.php3 message Parameter XSS

The remote server is running IMP 2.2.7. Such versions are potentially affected by a cross-site scripting attack which can be used by an attacker to hijack a victim's IMP session. Nessus solely relied on the version number of your installation, so if you applied the hotfix already, consider this...

7.5CVSS5.2AI score0.0349EPSS
Exploits0References1
Rows per page
Query Builder