SSD Advisory – Horde Groupware Webmail Edition Remote Code Execution
Vulnerability SummaryThe Horde project comprises of several standalone applications and libraries. The Horde Groupware Webmail Edition suite bundles several of them by default, among those, Data is a library used to manager data import/export in several formats, e.g., CSV, iCalendar, vCard, etc.The function in charge of parsing the CSV format uses create_function in a way …
SSD Advisory – Horde Groupware Webmail Edition Remote Code Execution Read More »
