Search criteria
9 vulnerabilities found for turba_h3 by horde
FKIE_CVE-2008-7218
Vulnerability from fkie_nvd - Published: 2009-09-13 22:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| horde | groupware | 1.0 | |
| horde | groupware | 1.0.1 | |
| horde | groupware | 1.0.2 | |
| horde | groupware | 1.1 | |
| horde | groupware_webmail_edition | 1.0 | |
| horde | groupware_webmail_edition | 1.0.2 | |
| horde | groupware_webmail_edition | 1.0.3 | |
| horde | groupware_webmail_edition | 1.1 | |
| horde | horde | 3.1 | |
| horde | horde | 3.1.1 | |
| horde | horde | 3.1.2 | |
| horde | horde | 3.1.3 | |
| horde | horde | 3.1.4 | |
| horde | horde | 3.1.5 | |
| horde | horde | 3.2 | |
| horde | kronolith_h3 | 2.1 | |
| horde | kronolith_h3 | 2.1.1 | |
| horde | kronolith_h3 | 2.1.2 | |
| horde | kronolith_h3 | 2.1.3 | |
| horde | kronolith_h3 | 2.1.4 | |
| horde | kronolith_h3 | 2.1.5 | |
| horde | kronolith_h3 | 2.1.6 | |
| horde | kronolith_h3 | 2.2 | |
| horde | mnemo_h3 | 2.1 | |
| horde | mnemo_h3 | 2.1.1 | |
| horde | mnemo_h3 | 2.2 | |
| horde | nag_h3 | 2.1 | |
| horde | nag_h3 | 2.1.1 | |
| horde | nag_h3 | 2.1.2 | |
| horde | nag_h3 | 2.1.3 | |
| horde | nag_h3 | 2.2 | |
| horde | turba_h3 | 2.1 | |
| horde | turba_h3 | 2.1.1 | |
| horde | turba_h3 | 2.1.2 | |
| horde | turba_h3 | 2.1.3 | |
| horde | turba_h3 | 2.1.4 | |
| horde | turba_h3 | 2.1.5 | |
| horde | turba_h3 | 2.2 | |
| horde | turba_h3 | 2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:horde:groupware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71C2653B-7F0B-4628-9E77-44744BC05463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC241F01-B9DF-4D0E-BA3C-3523AEEB6BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B574D428-0A3A-47CA-A926-5C936F83919A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6BBB036-494E-41D4-BD04-40906FAB5C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A30F59C-D09A-495D-B5E5-E908D913164E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B013D26B-BE67-4131-B320-EF87D19E9C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "664B0D12-607C-4B5F-AC8E-FB1BBD1332E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:groupware_webmail_edition:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46ADF628-449A-463E-A459-69FD9DB2ADAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D589E22C-7F87-43EF-B5FF-DC2B43E5252C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57AD38FB-23DF-406D-8889-E9EB18D22C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35BECCFA-1E18-41ED-882A-5C743D970EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0285D4F-8CD8-48F9-9D68-A80E8742BAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B3808FD9-126C-422F-AFE4-4FF6E1366431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96A4F9E2-7978-4C82-9BD3-B6B73C4918E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:horde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "457276C8-6665-48C5-948C-E65E6309C0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "391F88AC-0D1B-4F13-874C-6FD3C6E90CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5E6E0C-7E94-4187-B53B-1BBB73C23EE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDCD1651-0610-4338-9EA6-343865AA9F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F6A557A-EC2D-40AF-88C7-208DB4E8FA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "733B59F3-1648-4875-9A9B-EC3BCA49BCEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "012BBA79-F969-405E-BBC8-FDC23DE25012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5A06B44D-9448-4C96-BD37-790DA9842BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:kronolith_h3:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B67D985-950E-42B5-BA8D-05AE8A3EE3EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:mnemo_h3:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2814A27-E3C4-4A69-8FEB-E4900CD9876D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:mnemo_h3:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CAC140-EA0B-4FFD-B8E7-3295623C6D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:mnemo_h3:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38397885-FDB3-4454-BFBB-2B28173FEC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:nag_h3:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08307428-AE78-453B-A121-15AEB7049EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:nag_h3:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "195D72BA-A0A6-4568-BC67-77A44F9E0697",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:nag_h3:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7853DA-0958-401B-83C6-E35FACA4AAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:nag_h3:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C2BD1454-1D33-4026-A7F6-ADB358D3DC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:nag_h3:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "184A2E09-5784-44C4-A5D9-87EA906F86E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD583BAE-8123-40B9-8A68-96725A86EBF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9CA86E-B688-495F-8233-69632B56E1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B99A86-A8A6-474E-B54F-9F010FFE7C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88F73B3B-DB27-40F9-BCC2-E5ACC10F2A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4035BF4B-64F9-4A0D-82D0-99276B8B7010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6D808D3F-9332-4667-838C-CD545EDAD37B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "73C0F1DE-D2CB-4FA1-89FA-2C6E0991FDDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6E649CA6-3EBD-40A4-860F-08141F8FB9D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el API de Horde v3.1 anterior a v3.1.6 y v3.2 anterior a v3.2 anterior a v3.2-RC2; Turba H3 v2.1 anterior a v2.1.6 y v2.2 anterior a v2.2-RC2; Kronolith H3 2.1 anterior a v2.1.7 y H3 v2.2 anterior a v2.2-RC2; Nag H3 v2.1 anterior a v2.1.4 y v2.2 anterior a v2.2-RC2; Mnemo H3 v2.1 anterior a v2.1.2 y v2.2 anterior a v2.2-RC2; Horde Groupware v1.0 anterior a v1.0.3 y v1.1 anterior a v1.1-RC2; y Groupware Webmail Edition v1.0 anterior a v1.0.4 y v1.1 anterior a v1.1-RC2; tiene impacto y vectores de ataque desconocidos."
}
],
"id": "CVE-2008-7218",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-13T22:30:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28382"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/42775"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/42775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-6746
Vulnerability from fkie_nvd - Published: 2009-04-23 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| horde | turba_h3 | * | |
| horde | turba_h3 | 0.0.1 | |
| horde | turba_h3 | 0.0.2 | |
| horde | turba_h3 | 0.0.3 | |
| horde | turba_h3 | 1.0 | |
| horde | turba_h3 | 1.0 | |
| horde | turba_h3 | 1.1 | |
| horde | turba_h3 | 1.2 | |
| horde | turba_h3 | 1.2.1 | |
| horde | turba_h3 | 1.2.2 | |
| horde | turba_h3 | 1.2.3 | |
| horde | turba_h3 | 1.2.4 | |
| horde | turba_h3 | 1.2.5 | |
| horde | turba_h3 | 2.0 | |
| horde | turba_h3 | 2.0 | |
| horde | turba_h3 | 2.0 | |
| horde | turba_h3 | 2.0 | |
| horde | turba_h3 | 2.0 | |
| horde | turba_h3 | 2.0 | |
| horde | turba_h3 | 2.0.1 | |
| horde | turba_h3 | 2.0.1 | |
| horde | turba_h3 | 2.0.2 | |
| horde | turba_h3 | 2.0.3 | |
| horde | turba_h3 | 2.0.3 | |
| horde | turba_h3 | 2.0.4 | |
| horde | turba_h3 | 2.0.5 | |
| horde | turba_h3 | 2.1 | |
| horde | turba_h3 | 2.1 | |
| horde | turba_h3 | 2.1.1 | |
| horde | turba_h3 | 2.1.2 | |
| horde | turba_h3 | 2.1.3 | |
| horde | turba_h3 | 2.1.4 | |
| horde | turba_h3 | 2.1.5 | |
| horde | turba_h3 | 2.1.6 | |
| horde | turba_h3 | 2.1.7 | |
| horde | turba_h3 | 2.2 | |
| horde | turba_h3 | 2.2 | |
| horde | turba_h3 | 2.2 | |
| horde | turba_h3 | 2.2 | |
| horde | turba_h3 | 2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:horde:turba_h3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45D61822-21E8-4A22-9201-4ED7104F24A2",
"versionEndIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B743CB-49C1-4D74-BF47-EE969A3B3314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "759122B2-A78E-487F-B169-D8CBAF694E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9538A1D-FC8D-4809-A22C-153070B90858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "313E4D5E-D8BB-4E89-A15B-2243CFD80F78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D123373E-BC16-4A32-B278-483CB05B57E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1093122-42C0-4948-B7E3-CF69AFE23A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07FF05F6-274D-4F52-9924-2AED5FB57D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC970E4-DD4C-4F73-81ED-AB3BA2035169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "308657CE-8112-4B71-B279-71AE5C2656B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A10B7CE6-75F3-4A9D-84FC-B3608D458C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1468FA88-0236-4AC2-8005-771BAC0CADB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDCB4BF-EFCF-4C9E-BB3C-CBF609980A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "265F8139-BDF8-457C-A3B6-041AFA14AEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "4732BCD6-E444-4054-87E6-EFDE065F7582",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "D3885FB2-2D6A-47EE-9156-C5C44897E75B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "654A7D44-2998-4EB5-9D42-C9B0713EB970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CC218B23-C87A-488B-84E6-8B97D58B7660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "89D04A62-87CA-48FD-B28C-9AE3556EF7AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA59046-8729-4ACA-BD56-63F04B85CCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79E44CB2-9960-4A3D-8B38-1A069FBC89D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C29B457A-E80B-4EC5-9DFF-DF3A5D0CC41D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2375DE2-DBAE-4275-B03A-4A0E6958DD36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A1A5388B-2310-4C44-9EDF-E2EDDB8698D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8E5A3AF-B68D-4A8A-86C6-581DDBFEBA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C60703-7863-4C31-8F39-9B0E77F3525A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD583BAE-8123-40B9-8A68-96725A86EBF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "55DE9D91-F494-4946-B6AD-91C27B5D3894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9CA86E-B688-495F-8233-69632B56E1FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B99A86-A8A6-474E-B54F-9F010FFE7C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88F73B3B-DB27-40F9-BCC2-E5ACC10F2A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4035BF4B-64F9-4A0D-82D0-99276B8B7010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6D808D3F-9332-4667-838C-CD545EDAD37B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C26797E3-7181-4519-8D83-B92801BDAB9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4D761FAA-35F5-4570-8FAC-35D956CF6785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:alpha:*:*:*:*:*:*",
"matchCriteriaId": "39F8B975-056E-438C-9502-BFA3025C5CBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6E649CA6-3EBD-40A4-860F-08141F8FB9D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E360D4DD-DD33-4B44-AA59-6AFB26B4F5E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "CE8BF387-55C6-4EEA-9989-7F3DB090312C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.2:rc4:*:*:*:*:*:*",
"matchCriteriaId": "80A86199-3908-4084-B4DA-60CB7260C548",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la visualizaci\u00f3n de un contacto en Turba Contact Manager H3 antes de 2.2.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante el nombre del contacto."
}
],
"id": "CVE-2008-6746",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-23T17:30:01.500",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"source": "cve@mitre.org",
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30704"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29743"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-4242
Vulnerability from fkie_nvd - Published: 2005-12-14 19:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:horde:turba_h3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F4BFB7D-0AC2-417E-9B4A-FD4F0E84C5DA",
"versionEndIncluding": "2.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "265F8139-BDF8-457C-A3B6-041AFA14AEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA59046-8729-4ACA-BD56-63F04B85CCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C29B457A-E80B-4EC5-9DFF-DF3A5D0CC41D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:horde:turba_h3:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2375DE2-DBAE-4275-B03A-4A0E6958DD36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Horde Turba H3 2.0.4 y anteriores permiten a atacantes remotos inyectar \u0027script\u0027 web o HTML de su elecci\u00f3n mediante (1) la libreta de direcciones y (2) datos de contacto."
}
],
"id": "CVE-2005-4242",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-14T19:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17968"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-7218 (GCVE-0-2008-7218)
Vulnerability from cvelistv5 – Published: 2009-09-13 22:00 – Updated: 2024-08-07 11:56
VLAI?
Summary
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:14.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/42775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/42775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/42775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7218",
"datePublished": "2009-09-13T22:00:00",
"dateReserved": "2009-09-13T00:00:00",
"dateUpdated": "2024-08-07T11:56:14.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6746 (GCVE-0-2008-6746)
Vulnerability from cvelistv5 – Published: 2009-04-23 17:00 – Updated: 2024-08-07 11:41
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:41:59.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"name": "30704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30704"
},
{
"name": "[announce] 20080613 Turba H3 (2.2.1) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"name": "turba-contactview-xss(43098)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"name": "29743",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29743"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"name": "30704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30704"
},
{
"name": "[announce] 20080613 Turba H3 (2.2.1) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"name": "turba-contactview-xss(43098)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"name": "29743",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29743"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h",
"refsource": "CONFIRM",
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"name": "30704",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30704"
},
{
"name": "[announce] 20080613 Turba H3 (2.2.1) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"name": "turba-contactview-xss(43098)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"name": "29743",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29743"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6746",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-04-23T00:00:00",
"dateUpdated": "2024-08-07T11:41:59.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4242 (GCVE-0-2005-4242)
Vulnerability from cvelistv5 – Published: 2005-12-14 19:00 – Updated: 2024-08-07 23:38
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[horde-announce] 20051211 Turba H3 (2.0.5) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"name": "17968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17968"
},
{
"name": "ADV-2005-2837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[horde-announce] 20051211 Turba H3 (2.0.5) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"name": "17968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17968"
},
{
"name": "ADV-2005-2837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[horde-announce] 20051211 Turba H3 (2.0.5) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"name": "17968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17968"
},
{
"name": "ADV-2005-2837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4242",
"datePublished": "2005-12-14T19:00:00",
"dateReserved": "2005-12-14T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7218 (GCVE-0-2008-7218)
Vulnerability from nvd – Published: 2009-09-13 22:00 – Updated: 2024-08-07 11:56
VLAI?
Summary
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:56:14.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/42775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/42775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 before 2.2-RC2; Horde Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[announce] 20080122 Kronolith H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000371.html"
},
{
"name": "[announce] 20080122 Mnemo H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000369.html"
},
{
"name": "[announce] 20080109 Nag H3 (2.1.4) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000363.html"
},
{
"name": "27217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27217"
},
{
"name": "[announce] 20080109 Horde Groupware 1.0.3 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000365.html"
},
{
"name": "[announce] 20080206 Horde Groupware 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000376.html"
},
{
"name": "[announce] 20080122 Turba H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000367.html"
},
{
"name": "FEDORA-2008-2212",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00176.html"
},
{
"name": "[announce] 20080109 Horde 3.1.6 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000360.html"
},
{
"name": "[announce] 20080109 Mnemo H3 (2.1.2) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000364.html"
},
{
"name": "28382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28382"
},
{
"name": "[announce] 20080206 Horde Groupware Webmail Edition 1.1-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000377.html"
},
{
"name": "[announce] 20080110 Horde Groupware Webmail Edition 1.0.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000366.html"
},
{
"name": "[announce] 20080109 Turba H3 (2.1.6) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000361.html"
},
{
"name": "horde-hordeapi-privilege-escalation(39599)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39599"
},
{
"name": "[announce] 20080122 Horde 3.2-RC2",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000374.html"
},
{
"name": "[announce] 20080109 Kronolith H3 (2.1.7) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000362.html"
},
{
"name": "[announce] 20080122 Nag H3 (2.2-RC2)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000368.html"
},
{
"name": "42775",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/42775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7218",
"datePublished": "2009-09-13T22:00:00",
"dateReserved": "2009-09-13T00:00:00",
"dateUpdated": "2024-08-07T11:56:14.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6746 (GCVE-0-2008-6746)
Vulnerability from nvd – Published: 2009-04-23 17:00 – Updated: 2024-08-07 11:41
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:41:59.926Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"name": "30704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30704"
},
{
"name": "[announce] 20080613 Turba H3 (2.2.1) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"name": "turba-contactview-xss(43098)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"name": "29743",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29743"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"name": "30704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30704"
},
{
"name": "[announce] 20080613 Turba H3 (2.2.1) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"name": "turba-contactview-xss(43098)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"name": "29743",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29743"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the contact display view in Turba Contact Manager H3 before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the contact name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h",
"refsource": "CONFIRM",
"url": "http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.181.2.165\u0026r2=1.181.2.170\u0026ty=h"
},
{
"name": "30704",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30704"
},
{
"name": "[announce] 20080613 Turba H3 (2.2.1) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2008/000414.html"
},
{
"name": "turba-contactview-xss(43098)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43098"
},
{
"name": "29743",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29743"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6746",
"datePublished": "2009-04-23T17:00:00",
"dateReserved": "2009-04-23T00:00:00",
"dateUpdated": "2024-08-07T11:41:59.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4242 (GCVE-0-2005-4242)
Vulnerability from nvd – Published: 2005-12-14 19:00 – Updated: 2024-08-07 23:38
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:38:51.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[horde-announce] 20051211 Turba H3 (2.0.5) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"name": "17968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17968"
},
{
"name": "ADV-2005-2837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[horde-announce] 20051211 Turba H3 (2.0.5) (final)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"name": "17968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17968"
},
{
"name": "ADV-2005-2837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[horde-announce] 20051211 Turba H3 (2.0.5) (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2005/000235.html"
},
{
"name": "17968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17968"
},
{
"name": "ADV-2005-2837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2837"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4242",
"datePublished": "2005-12-14T19:00:00",
"dateReserved": "2005-12-14T00:00:00",
"dateUpdated": "2024-08-07T23:38:51.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}