CVE-2015-7984
Published: 2015-11-19
Priority: P3 · 45 · medium · CVSS 2.0: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit
EPSS: 4.12% (89.5th percentile)
Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | php-horde | < php-horde 5.2.8+debian0-1 (bookworm) | php-horde 5.2.8+debian0-1 (bookworm) |
| debian | php-horde-kronolith | < php-horde-kronolith 4.2.24-1 (bookworm) | php-horde-kronolith 4.2.24-1 (bookworm) |
| horde | groupware | — | — |
| horde | groupware | >= 5.0.0 < 5.2.11 | 5.2.11 |
| horde | horde_application_framework | >= 5.0.0 < 5.2.8 | 5.2.8 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | MEDIUM | — |
GHSA
GHSA-jcj5-4c5g-3958 · ghsa_unreviewed · 2022-05-13 · CVE-2015-7984 [MEDIUM] · CWE-352
Same CSRF description as the CVE-2015-7984 entry above (arbitrary commands, SQL queries or PHP code via admin/cmdshell.php, admin/sqlshell.php and admin/phpshell.php).
GHSA
GHSA-fcjx-8hh3-f9hr · ghsa_unreviewed · 2022-05-13 · CVSS 6.8 · CVE-2017-16908 [MEDIUM] · CWE-79
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.
OSV
CVE-2017-16908 · osv · 2017-11-20 · CVSS 6.8 · [MEDIUM]
Same XSS description as the GHSA-fcjx-8hh3-f9hr entry above (XSS via the Resource Name field in Horde Groupware 5.2.19, usable to bypass the CVE-2015-7984 CSRF protection).
OSV
CVE-2015-7984 · osv · 2015-11-19 · CVSS 6.8 · [MEDIUM]
Same CSRF description as the CVE-2015-7984 entry above.
Debian
CVE-2017-16908 · php-horde-kronolith · vendor_debian · 2017 · CVSS 6.8 · [MEDIUM]
Same XSS description as the GHSA-fcjx-8hh3-f9hr entry above (XSS via the Resource Name field in Horde Groupware 5.2.19, usable to bypass the CVE-2015-7984 CSRF protection).
Scope: local
bookworm: resolved (fixed in 4.2.24-1)
bullseye: resolved (fixed in 4.2.24-1)
sid: resolved (fixed in 4.2.24-1)
Debian
CVE-2015-7984 · php-horde · vendor_debian · 2015 · CVSS 6.8 · [MEDIUM]
Same CSRF description as the CVE-2015-7984 entry above.
Scope: local
bookworm: resolved (fixed in 5.2.8+debian0-1)
bullseye: resolved (fixed in 5.2.8+debian0-1)
sid: resolved (fixed in 5.2.8+debian0-1)
No detection rules found.
References
http://lists.horde.org/archives/announce/2015/001124.html
http://lists.horde.org/archives/announce/2015/001137.html
http://lists.horde.org/archives/announce/2015/001138.html
http://www.debian.org/security/2015/dsa-3391
https://www.exploit-db.com/exploits/38765/
https://www.htbridge.com/advisory/HTB23272
Published: 2015-11-19