SSD Advisory – Horde Groupware Webmail Authenticated Arbitrary File Injection to RCE
Vulnerabilities SummaryThe following advisory discusses an arbitrary file injection vulnerability that leads to remote code execution in Horde Groupware Webmail. This vulnerability can be exploited by any authenticated, unprivileged user which able to create a malicious PHP file under the Horde web root and gain arbitrary code execution on the server. The vulnerability is located …
SSD Advisory – Horde Groupware Webmail Authenticated Arbitrary File Injection to RCE Read More »
