CVE-2006-1260
published 2006-03-19CVE-2006-1260: Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses…
PriorityP432medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
12.17%
95.6th percentile
Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
| horde | horde | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043657.htmlhttp://secunia.com/advisories/19246http://secunia.com/advisories/19528http://secunia.com/advisories/19619http://secunia.com/advisories/19692http://secunia.com/advisories/19897http://securityreason.com/securityalert/590http://securitytracker.com/id?1015771http://www.debian.org/security/2006/dsa-1033http://www.debian.org/security/2006/dsa-1034http://www.gentoo.org/security/en/glsa/glsa-200604-02.xmlhttp://www.novell.com/linux/security/advisories/2006_04_28.htmlhttp://www.osvdb.org/23918http://www.securityfocus.com/archive/1/427710/100/0/threadedhttp://www.securityfocus.com/bid/17117http://www.vupen.com/english/advisories/2006/0959https://exchange.xforce.ibmcloud.com/vulnerabilities/25239http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043657.htmlhttp://secunia.com/advisories/19246http://secunia.com/advisories/19528http://secunia.com/advisories/19619http://secunia.com/advisories/19692http://secunia.com/advisories/19897http://securityreason.com/securityalert/590http://securitytracker.com/id?1015771http://www.debian.org/security/2006/dsa-1033http://www.debian.org/security/2006/dsa-1034http://www.gentoo.org/security/en/glsa/glsa-200604-02.xmlhttp://www.novell.com/linux/security/advisories/2006_04_28.htmlhttp://www.osvdb.org/23918http://www.securityfocus.com/archive/1/427710/100/0/threadedhttp://www.securityfocus.com/bid/17117http://www.vupen.com/english/advisories/2006/0959https://exchange.xforce.ibmcloud.com/vulnerabilities/25239
2006-03-19
Published