Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-3548
HistoryJul 13, 2006 - 12:05 a.m.

CVE-2006-3548

2006-07-1300:05:00
mitre
web.nvd.nist.gov
39
cve
2006
3548
xss
vulnerabilities
horde application framework
remote attackers
web script
html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen).

Affected configurations

Nvd
Node
hordehordeMatch3.0
OR
hordehordeMatch3.0.1
OR
hordehordeMatch3.0.2
OR
hordehordeMatch3.0.3
OR
hordehordeMatch3.0.4
OR
hordehordeMatch3.0.4_rc1
OR
hordehordeMatch3.0.4_rc2
OR
hordehordeMatch3.0.6
OR
hordehordeMatch3.0.7
OR
hordehordeMatch3.0.8
OR
hordehordeMatch3.0.9
OR
hordehordeMatch3.1
OR
hordehordeMatch3.1.1
VendorProductVersionCPE
hordehorde3.0cpe:2.3:a:horde:horde:3.0:*:*:*:*:*:*:*
hordehorde3.0.1cpe:2.3:a:horde:horde:3.0.1:*:*:*:*:*:*:*
hordehorde3.0.2cpe:2.3:a:horde:horde:3.0.2:*:*:*:*:*:*:*
hordehorde3.0.3cpe:2.3:a:horde:horde:3.0.3:*:*:*:*:*:*:*
hordehorde3.0.4cpe:2.3:a:horde:horde:3.0.4:*:*:*:*:*:*:*
hordehorde3.0.4_rc1cpe:2.3:a:horde:horde:3.0.4_rc1:*:*:*:*:*:*:*
hordehorde3.0.4_rc2cpe:2.3:a:horde:horde:3.0.4_rc2:*:*:*:*:*:*:*
hordehorde3.0.6cpe:2.3:a:horde:horde:3.0.6:*:*:*:*:*:*:*
hordehorde3.0.7cpe:2.3:a:horde:horde:3.0.7:*:*:*:*:*:*:*
hordehorde3.0.8cpe:2.3:a:horde:horde:3.0.8:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

openvas 6
cvelist 1
nvd 1
nessus 4
freebsd 1
ubuntucve 1
osv 1
debian 1
openvas
openvas
FreeBSD Ports: horde, horde-php5
2008-09-04 00:00:00
FreeBSD Ports: horde, horde-php5
2008-09-04 00:00:00
SLES9: Security update for horde
2009-10-10 00:00:00
cvelist
cvelist
CVE-2006-3548
2006-07-13 00:00:00
nvd
nvd
CVE-2006-3548
2006-07-13 00:05:00
nessus
nessus
FreeBSD : horde -- various problems in dereferrer (e94cb43d-0c4a-11db-9016-0050bf27ba24)
2006-07-06 00:00:00
openSUSE 10 Security Update : horde (horde-1868)
2007-10-17 00:00:00
Horde < 3.0.11 / 3.1.2 Multiple Script XSS
2006-07-05 00:00:00
freebsd
freebsd
horde -- various problems in dereferrer
2006-06-28 00:00:00
ubuntucve
ubuntucve
CVE-2006-3548
2006-07-13 00:00:00
osv
osv
horde3 - several vulnerabilities
2007-11-09 00:00:00
debian
debian
[SECURITY] [DSA 1406-1] New horde3 packages fix several vulnerabilities
2007-11-09 22:47:35

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.4

Confidence

High

EPSS

0.013

Percentile

85.9%

JSON
Related for CVE-2006-3548
openvas6cvelist1nvd1nessus4freebsd1ubuntucve1osv1debian1