Horde.Eval.Poor.Input.Validation

description-logoDescription

Indicates a possible attempt at exploiting a remote PHP code-execution vulnerability in Horde.
An attacker can exploit this issue to execute arbitrary malicious PHP code. This may help allow the attacker to compromise the application and the underlying system.

affected-products-logoAffected Products

Horde Horde 3.0.9
Horde Horde 3.0.8
Horde Horde 3.0.7
Horde Horde 3.0.6
Horde Horde 3.0.4 -RC 2
Horde Horde 3.0.4 -RC 1
Horde Horde 3.0.4
Horde Horde 3.0.3
Horde Horde 3.0.2
Horde Horde 3.0.1
Horde Horde 3.0
Horde Horde 3.1

Impact logoImpact

An attacker can execute arbitrary malicious PHP code.

recomended-action-logoRecommended Actions

Upgrade to Horde version 3.1.1 or 3.0.10, or apply patches :

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-11 16.978