Directory Traversal Vulnerability in Horde Groupware products
CVE-2008-1284
Currently unrated
Key Information:
- Vendor
Horde
- Vendor
- CVE Published:
- 11 March 2008
What is CVE-2008-1284?
A directory traversal vulnerability exists in Horde Groupware products when specific configurations are in place. This flaw allows remote authenticated users the ability to read and potentially execute arbitrary files on the server by utilizing '..' sequences and null byte injections in theme names. This can gravely compromise the server's security, enabling unauthorized access to sensitive data and execution of arbitrary code.
