Lucene search
K

146 matches found

NVD
NVD
added 2026/07/01 7:16 p.m.9 views

CVE-2026-58451

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS0.00379EPSS
Exploits0References7
CVE
CVE
added 2026/07/01 6:16 p.m.23 views

CVE-2026-58451

CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/07/01 6:16 p.m.7 views

CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/01 6:16 p.m.38 views

CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS0.00379EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.9 views

PT-2026-54913

Name of the Vulnerable Software and Affected Versions Horde IMP versions prior to 7.0.1 Description A path traversal issue exists in the lib/Compose.php file. Authenticated attackers can read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix ...

7.1CVSS6.1AI score0.00379EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-2003

Malware in sbrugna...

5.3CVSS6.4AI score0.01924EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-4075

Malware in sbrugna...

4.3CVSS6.4AI score0.02401EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-4243

Malware in sbrugna...

4.3CVSS5.4AI score0.01624EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2010-0494

Malware in sbrugna...

5CVSS6.1AI score0.01945EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1322

Malware in sbrugna...

4.3CVSS6.4AI score0.01228EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3679

Malware in sbrugna...

4.3CVSS6.1AI score0.04979EPSS
Exploits1References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0729

Malware in sbrugna...

2.1CVSS6.4AI score0.00356EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-1659

Malware in sbrugna...

5CVSS6.4AI score0.01266EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-1509

Malware in sbrugna...

4.3CVSS6.4AI score0.02368EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-0927

Malware in sbrugna...

4.3CVSS6.1AI score0.01604EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-0822

Malware in sbrugna...

4.3CVSS6.1AI score0.02437EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2004-0583

Malware in sbrugna...

6.8CVSS6.1AI score0.0134EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2004-1440

Malware in sbrugna...

4.3CVSS6.2AI score0.01208EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-7227

Malicious code in bioql PyPI...

7.2CVSS6.3AI score0.30164EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-30349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail...

7.2CVSS5.3AI score0.30164EPSS
Exploits0References3
Rows per page
Query Builder