CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
Percentile
92.1%
Directory traversal vulnerability in framework/Image/Image.php in Horde
before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote
attackers to include and execute arbitrary local files via directory
traversal sequences in the Horde_Image driver name.