2 matches found
CVE-2009-0932
The CVE-2009-0932 issue is a Local File Include/directory traversal vulnerability in Horde_Image::factory driver handling, enabling a remote attacker to include and execute local files. Affected products/versions include Horde framework before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5, wi...
CVE-2009-0931
CVE-2009-0931 affects Horde: tag cloud search (horde/services/portal/cloud_search.php) vulnerable in Horde before 3.2.4 and 3.3.3, and Horde Groupware before 1.1.5. The issue is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unsp...