Lucene search
K

29 matches found

UbuntuCve
UbuntuCve
added 2022/07/28 10:15 p.m.45 views

CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

8CVSS7.4AI score0.70276EPSS
Exploits1References2
OSV
OSV
added 2022/07/28 10:15 p.m.2 views

UBUNTU-CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

8CVSS5.9AI score0.70276EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/07/28 10:15 p.m.3 views

CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

8CVSS7.5AI score0.70276EPSS
Exploits1References4
Prion
Prion
added 2022/07/28 10:15 p.m.19 views

Design/Logic Flaw

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

6CVSS8AI score0.70276EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2022/07/28 9:8 p.m.19 views

CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

8.2AI score0.70276EPSS
Exploits1References3
OSV
OSV
added 2022/07/28 9:8 p.m.25 views

CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

8CVSS7.2AI score0.70276EPSS
Exploits1References6
CVE
CVE
added 2022/07/28 9:8 p.m.116 views

CVE-2022-30287

CVE-2022-30287 affects Horde Groupware Webmail Edition up to 5.2.22, enabling a reflection injection that allows arbitrary deserialization of PHP objects via a driver-class instantiation. Debian advisories note fixes in php-horde-turba: 4.2.25-5+deb11u2 for Debian 11 (and related LTS advisories f...

8CVSS7.8AI score0.70276EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2022/07/28 9:8 p.m.70 views

CVE-2022-30287

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects...

8CVSS8.1AI score0.70276EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/06/02 12:0 a.m.4 views

PT-2022-4811 · Horde · Horde Groupware Webmail Edition

Name of the Vulnerable Software and Affected Versions: Horde Groupware Webmail Edition versions 5.2.22 and earlier Description: The issue allows for a reflection injection attack, leading to arbitrary deserialization of PHP objects. This can be exploited by an authenticated user to execute...

8CVSS8AI score0.70276EPSS
Exploits1References27
Rows per page
Query Builder