Horde : Security Vulnerabilities, CVEs, Published In March 2006
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
Max CVSS
7.5
EPSS Score
35.10%
Published
2006-03-29
Updated
2017-07-20
Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Max CVSS
5.0
EPSS Score
12.07%
Published
2006-03-19
Updated
2018-10-18
2 vulnerabilities found