CVE-2006-1260

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.0470%

EPSS Percentile12.06th

Published2006年3月19日

Last Modified2026年4月16日

Vulnerability Description

Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.

Affected Platforms (CPE)

📦

Horde

= 1.2

📦

Horde

= 1.2.1

📦

Horde

= 1.2.2

📦

Horde

= 1.2.3

📦

Horde

= 1.2.4

📦

Horde

= 1.2.5

📦

Horde

= 1.2.6

📦

Horde

= 1.2.7

📦

Horde

= 1.2.8

📦

Horde

= 2.0

📦

Horde

= 2.1

📦

Horde

= 2.1.3

📦

Horde

= 2.2

📦

Horde

= 2.2.1

📦

Horde

= 2.2.3

📦

Horde

= 2.2.4

📦

Horde

= 2.2.4_rc1

📦

Horde

= 2.2.5

📦

Horde

= 2.2.6

📦

Horde

= 2.2.7

📦

Horde

= 2.2.8

📦

Horde

= 2.2.9

📦

Horde

= 3.0

📦

Horde

= 3.0.1

📦

Horde

= 3.0.2

📦

Horde

= 3.0.3

📦

Horde

= 3.0.4

📦

Horde

= 3.0.4_rc1

📦

Horde

= 3.0.4_rc2

📦

Horde

= 3.0.6

📦

Horde

= 3.0.7

📦

Horde

= 3.0.8

📦

Horde

= 3.0.9

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043657.html

🔗 http://secunia.com/advisories/19246

🔗 http://secunia.com/advisories/19528

🔗 http://secunia.com/advisories/19619

🔗 http://secunia.com/advisories/19692

🔗 http://secunia.com/advisories/19897

🔗 http://securityreason.com/securityalert/590

🔗 http://securitytracker.com/id?1015771

Vulnerability Description

Affected Platforms (CPE)

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

Horde

References & Advisories

関連する脆弱性情報