Unauthorized Access Vulnerability in Turba Contact Manager by Horde
CVE-2008-0807
Currently unrated
Key Information:
- Vendor
Horde
- Vendor
- CVE Published:
- 19 February 2008
What is CVE-2008-0807?
The Turba Contact Manager, used in Horde Groupware, contains an improper access control vulnerability that allows remote authenticated users to manipulate address data. By altering the object_id parameter sent to edit.php, such users can gain unauthorized write access to shared address books, potentially compromising the integrity of personal data stored within these address books. This misconfiguration in access rights necessitates immediate attention to safeguard personal and organizational information.
