Show filters
194 Total Results
Displaying 21-30 of 194
Sort by:
Attacker Value
Unknown

CVE-2019-19907

Disclosure Date: December 19, 2019 (last updated November 27, 2024)
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2013-6275

Disclosure Date: November 05, 2019 (last updated November 27, 2024)
Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2013-6364

Disclosure Date: November 05, 2019 (last updated November 27, 2024)
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2013-6365

Disclosure Date: November 05, 2019 (last updated November 27, 2024)
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2010-4240

Disclosure Date: October 28, 2019 (last updated November 27, 2024)
Tiki Wiki CMS Groupware 5.2 has XSS
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2010-4239

Disclosure Date: October 28, 2019 (last updated November 27, 2024)
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2010-4241

Disclosure Date: October 28, 2019 (last updated November 27, 2024)
Tiki Wiki CMS Groupware 5.2 has CSRF
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-12095

Disclosure Date: October 24, 2019 (last updated November 27, 2024)
Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-12094

Disclosure Date: October 24, 2019 (last updated November 27, 2024)
Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=update_f&user_name= or admin/user.php?form=remove_f&user_name= or admin/config/diff.php?app= URI.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-15314

Disclosure Date: August 22, 2019 (last updated November 27, 2024)
tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to upload JavaScript code that is executed upon visiting a tiki/tiki-download_file.php?display&fileId= URI.
0
0
View More Topics  < Previous  Next >