cbcvebase.
CVE-2008-7219
published 2009-09-13

CVE-2008-7219: Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before…

PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
2.74%
84.3th percentile
Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 before 1.0.4 and 1.1 before 1.1-RC2 does not validate ownership when performing share changes, which has unknown impact and attack vectors.

Affected

24 ranges
VendorProductVersion rangeFixed in
hordegroupware
hordegroupware
hordegroupware
hordegroupware
hordegroupware_webmail_edition
hordegroupware_webmail_edition
hordegroupware_webmail_edition
hordegroupware_webmail_edition
hordekronolith_h3
hordekronolith_h3
hordekronolith_h3
hordekronolith_h3
hordekronolith_h3
hordekronolith_h3
hordekronolith_h3
hordekronolith_h3
hordemnemo_h3
hordemnemo_h3
hordemnemo_h3
hordenag_h3
hordenag_h3
hordenag_h3
hordenag_h3
hordenag_h3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.