Trojan Horse Vulnerability in Horde Groupware Products
CVE-2012-0209
Currently unrated
Key Information:
Badges
๐พ Exploit Exists๐ก Public PoC๐ฃ EPSS 71%
What is CVE-2012-0209?
The identified vulnerability involves a malicious modification introduced into Horde 3.3.12 and its Groupware editions, specifically within the 'templates/javascript/open_calendar.js' file. This modification enables attackers to remotely execute arbitrary PHP code, posing significant security risks. The affected versions were distributed via FTP between November 2011 and February 2012, highlighting the urgent need for users to address this threat to safeguard their applications from exploitation.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

