CVE-2023-29657

eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions...

Horde 5.2.22 CSV Import Code Execution Exploit

The HordeData module version 2.1.4 and before present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code thus achieving remote code execution the server hosting the web application. This module requires Metasploit: https://metasploit.com/download Current...