Known Vulnerabilities for Horde Application Framework by Horde
Listed below are 9 of the newest known vulnerabilities associated with "Horde Application Framework" by "Horde".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2015-7984 | Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Gr... | 6.8 - MEDIUM | 2015-11-19 | 2021-05-19 |
| CVE-2014-1691 | The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduc... | 7.5 - HIGH | 2014-04-01 | 2014-04-02 |
| CVE-2010-3694 | Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hi... | 6.8 - MEDIUM | 2010-11-09 | 2011-07-12 |
| CVE-2010-3077 | Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remo... | 4.3 - MEDIUM | 2010-11-09 | 2011-07-12 |
| CVE-2009-3237 | Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Gro... | 4.3 - MEDIUM | 2009-09-17 | 2019-06-18 |
| CVE-2007-1474 | Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework... | 6.8 - MEDIUM | 2007-03-16 | 2017-07-29 |
| CVE-2007-1473 | Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework before 3.1.4 RC1, when the login page co... | 4.3 - MEDIUM | 2007-03-16 | 2018-10-16 |
| CVE-2006-3549 | services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its im... | 5 - MEDIUM | 2006-07-13 | 2018-10-18 |
| CVE-2005-4190 | Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework before 3.0.8 allow remote authenticated us... | 3.5 - LOW | 2005-12-13 | 2011-09-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Horde | Horde Application Framework | 5.2.9 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.8 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.7 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.6 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.5 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.4 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.3 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.21 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.20 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.2 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.19 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.18 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.17 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.16 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.15 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.14 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.13 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.12 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.11 | All | All | All |
| Application | Horde | Horde Application Framework | 5.2.10 | All | All | All |