Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
oryginał ENAV:N/AC:L/Au:N/C:P/I:P/A:PHorde Imp
APPHorde2.22.2.12.2.22.2.32.2.42.2.52.2.62.2.72.2.8
Powiązane podatności
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to exe...
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows rem...
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0...
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde ...
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edi...