Directory Traversal Vulnerability in Horde Groupware products
CVE-2008-1284

Currently unrated

Key Information:

Vendor

Horde

Vendor
CVE Published:
11 March 2008

What is CVE-2008-1284?

A directory traversal vulnerability exists in Horde Groupware products when specific configurations are in place. This flaw allows remote authenticated users the ability to read and potentially execute arbitrary files on the server by utilizing '..' sequences and null byte injections in theme names. This can gravely compromise the server's security, enabling unauthorized access to sensitive data and execution of arbitrary code.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.