This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:horde:groupware:1.1
Detail
VendorHordeFirst view 2009-09-13
ProductGroupwareLast view2015-11-19
Version1.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:horde:groupware

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.82015-11-19CVE-2015-7984NetworkMediumNone Requ...
4.32014-07-14CVE-2014-4946NetworkMediumNone Requ...
4.32014-07-14CVE-2014-4945NetworkMediumNone Requ...
4.32014-04-05CVE-2012-6640NetworkMediumNone Requ...
4.32014-04-05CVE-2012-5567NetworkMediumNone Requ...
Hide | Show 10 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32014-04-05CVE-2012-5566NetworkMediumNone Requ...
4.32014-04-05CVE-2012-5565NetworkMediumNone Requ...
4.32011-04-04CVE-2010-4778NetworkMediumNone Requ...
4.32011-04-04CVE-2010-3693NetworkMediumNone Requ...
4.32011-03-31CVE-2010-3695NetworkMediumNone Requ...
4.32009-12-21CVE-2009-4363NetworkMediumNone Requ...
4.32009-12-21CVE-2009-3701NetworkMediumNone Requ...
4.32009-09-17CVE-2009-3236NetworkMediumNone Requ...
102009-09-13CVE-2008-7219NetworkLowNone Requ...
102009-09-13CVE-2008-7218NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
84% (11)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
7% (1)CWE-352Cross-Site Request Forgery (CSRF)
7% (1)CWE-264Permissions, Privileges, and Access Controls

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:8126DSA-1897 horde3 -- insufficient input sanitisation
oval:org.mitre.oval:def:13713DSA-1897-1 horde3 -- insufficient input sanitisation
oval:org.mitre.oval:def:7069DSA-1966 horde3 -- insufficient input sanitising
oval:org.mitre.oval:def:12635DSA-1966-1 horde3 -- insufficient input sanitising
oval:org.mitre.oval:def:12989DSA-2204-1 imp4 -- Insufficient input sanitising

Open Source Vulnerability Database (OSVDB)

idDescription
68267Horde DIMP Mailbox Page Folder Label XSS
68261Horde IMP fetchmailprefs.php fm_id Parameter XSS
61338Horde Xss.php Filter Bypass data:// URI XSS
61304Horde Administration Interface admin/sqlshell.php PATH_INFO Parameter XSS
61303Horde Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS
Hide | Show 4 More...
idDescription
61043Horde Administration Interface admin/phpshell.php PATH_INFO Parameter XSS
58107Horde Application Framework Form Library Image Form Field Arbitrary File Over...
42776Horde Multiple Products Share Management Owner Validation Unspecified Issue
42775Horde Multiple Products API Unspecified Privilege Escalation

ExploitDB Exploits

idDescription
10512Horde 3.3.5 "PHP_SELF" XSS vulnerability

OpenVAS Exploits

idDescription
2011-05-12Name : Debian Security Advisory DSA 2204-1 (imp4)
File : nvt/deb_2204_1.nasl
2010-09-28Name : Horde IMP Webmail 'fetchmailprefs.php' HTML Injection Vulnerability
File : nvt/gb_horde_imp_43515.nasl
2010-04-06Name : Fedora Update for horde FEDORA-2010-5483
File : nvt/gb_fedora_2010_5483_horde_fc11.nasl
2010-04-06Name : Fedora Update for horde FEDORA-2010-5520
File : nvt/gb_fedora_2010_5520_horde_fc12.nasl
2010-01-11Name : Debian Security Advisory DSA 1966-1 (horde3)
File : nvt/deb_1966_1.nasl
Hide | Show 4 More...
idDescription
2009-11-11Name : Gentoo Security Advisory GLSA 200911-01 (horde horde-webmail horde-groupware)
File : nvt/glsa_200911_01.nasl
2009-10-06Name : Debian Security Advisory DSA 1897-1 (horde3)
File : nvt/deb_1897_1.nasl
2009-09-15Name : FreeBSD Ports: horde-base
File : nvt/freebsd_horde-base0.nasl
2009-02-16Name : Fedora Update for kronolith FEDORA-2008-2212
File : nvt/gb_fedora_2008_2212_kronolith_fc7.nasl

Nessus® Vulnerability Scanner

idDescription
2015-11-04Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3391.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-837.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-843.nasl - Type : ACT_GATHER_INFO
2013-01-21Name : The remote web server hosts a PHP application that is affected by a cross-sit...
File : imp_upload_xss.nasl - Type : ACT_GATHER_INFO
2011-03-28Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2204.nasl - Type : ACT_GATHER_INFO
Hide | Show 8 More...
idDescription
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5520.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5563.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5483.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1966.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1897.nasl - Type : ACT_GATHER_INFO
2010-02-15Name : The remote openSUSE host is missing a security update.
File : suse_11_0_horde-100210.nasl - Type : ACT_GATHER_INFO
2009-11-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200911-01.nasl - Type : ACT_GATHER_INFO
2008-03-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-2212.nasl - Type : ACT_GATHER_INFO