HIGH🇬🇧 English

CVE-2008-7218

CVSS 10.0v2.0pub. 2009-09-13upd. 2026-04-23

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Horde Groupware

    APP
    Horde
    1.01.0.11.0.21.1
  • Horde Groupware Webmail Edition

    APP
    Horde
    1.01.0.21.0.31.1
  • Horde

    APP
    Horde
    3.13.1.13.1.23.1.33.1.43.1.53.2
  • Horde Kronolith H3

    APP
    Horde
    2.12.1.12.1.22.1.32.1.42.1.52.1.62.2
  • Horde Mnemo H3

    APP
    Horde
    2.12.1.12.2
  • Horde Nag H3

    APP
    Horde
    2.12.1.12.1.22.1.32.2
  • Horde Turba H3

    APP
    Horde
    2.12.1.12.1.22.1.32.1.42.1.52.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-8518CRITICAL9.8ten sam produkt

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote ...

CVE-2022-30287HIGH8.0ten sam produkt

Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker ...

CVE-2013-6364HIGH8.8ten sam produkt

Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book

CVE-2019-12095HIGH8.8ten sam produkt

Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as dem...

CVE-2019-9858HIGH8.8ten sam produkt

Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contain...