Horde Application Framework Forward Slash Insufficient Filtering Cross-Site Scripting Vulnerability

Bugtraq ID: 31107
Class: Input Validation Error
CVE: CVE-2008-3824
Remote: Yes
Local: No
Published: Sep 10 2008 12:00AM
Updated: Apr 01 2010 07:42PM
Credit: Alexios Fakos
Vulnerable: TPLN TPLN 2.9
RevokeBB RevokeBB 1.0 RC11
Red Hat Fedora 13
Red Hat Fedora 12
Red Hat Fedora 11
phpMyFAQ phpMyFAQ 2.5 -dev
phpMyFAQ phpMyFAQ 2.0.7
Phour Phour r106
NoseRub NoseRub 0.5.2
NoseRub NoseRub 0.6
Mistralys SimpleSite 1.6.4
MAXdev MD-Pro 1.0.76
MAXdev MD-Pro 1.0.73
MAXdev MD-Pro 1.0.72
MAXdev MD-Pro 1.0821
MAXdev MD-Pro 1.081
Logicoder Logicoder r27
Horde Project Horde 3.2.1
Horde Project Horde 3.1.8
Horde Project Horde 3.1.7
Horde Project Horde 3.1.6
Horde Project Horde 3.1.5
Horde Project Horde 3.1.4
Horde Project Horde 3.1.3
Horde Project Horde 3.1.2
Horde Project Horde 3.1.1
Horde Project Horde 3.2
Horde Project Horde 3.1
Horde Project Groupware Webmail Edition 1.1.2
Horde Project Groupware Webmail Edition 1.1.1
Horde Project Groupware Webmail Edition 1.0.7
Horde Project Groupware Webmail Edition 1.0.6
Horde Project Groupware Webmail Edition 1.0.5
Horde Project Groupware Webmail Edition 1.0.4
Horde Project Groupware Webmail Edition 1.0.3
Horde Project Groupware Webmail Edition 1.0-RC2
Horde Project Groupware Webmail Edition 1.0
Horde Project Groupware 1.1.2
Horde Project Groupware 1.1.1
Horde Project Groupware 1.0.6
Horde Project Groupware 1.0.5
Horde Project Groupware 1.0.4
Horde Project Groupware 1.0.3
Horde Project Groupware 1.0.2
Horde Project Groupware 1.0-RC3
Horde Project Groupware 1.0
Flux CMS Popoon r22196
emuCMS emuCMS 0.3
emuCMS emuCMS 0.21
DeluxeBB DeluxeBB 1.0 5
DeluxeBB DeluxeBB 1.0
DeluxeBB DeluxeBB 1.2
DeluxeBB DeluxeBB 1.1
DeluxeBB DeluxeBB 1.09
DeluxeBB DeluxeBB 1.08
DeluxeBB DeluxeBB 1.07
DeluxeBB DeluxeBB 1.06
CakePHP CakePHP 1.2 7296 RC2
CakePHP CakePHP 1.1.8.3544
CakePHP CakePHP 1.1.7.3363
CakePHP CakePHP 1.1.6.3264
CakePHP CakePHP 1.1.5.3148
Not Vulnerable: phpMyFAQ phpMyFAQ 2.0.8
Horde Project Horde 3.2.2
Horde Project Horde 3.1.9
Horde Project Groupware Webmail Edition 1.1.3
Horde Project Groupware Webmail Edition 1.0.8
Horde Project Groupware 1.1.3
Horde Project Groupware 1.0.7


 

Privacy Statement
Copyright 2010, SecurityFocus