146 matches found
CVE-2026-58451
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...
CVE-2026-58451
CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...
CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...
CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...
PT-2026-54913
Name of the Vulnerable Software and Affected Versions Horde IMP versions prior to 7.0.1 Description A path traversal issue exists in the lib/Compose.php file. Authenticated attackers can read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix ...
EUVD-2002-2003
Malware in sbrugna...
EUVD-2005-4075
Malware in sbrugna...
EUVD-2006-4243
Malware in sbrugna...
EUVD-2010-0494
Malware in sbrugna...
EUVD-2005-1322
Malware in sbrugna...
EUVD-2010-3679
Malware in sbrugna...
EUVD-2001-0729
Malware in sbrugna...
EUVD-2010-1659
Malware in sbrugna...
EUVD-2007-1509
Malware in sbrugna...
EUVD-2009-0927
Malware in sbrugna...
EUVD-2012-0822
Malware in sbrugna...
EUVD-2004-0583
Malware in sbrugna...
EUVD-2004-1440
Malware in sbrugna...
EUVD-2025-7227
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-30349
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail...