CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-3344

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile12.75th
Published2005年11月16日
Last Modified2026年4月16日

Vulnerability Description

The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

Affected Platforms (CPE)

📦
Horde

Horde

= 3.0.4

References & Advisories

🔗 http://www.debian.org/security/2005/dsa-884
🔗 http://www.networkscanning.com/Horde-Default-Admin-Password-Vulnerability-VSS_20171.html
🔗 http://www.osvdb.org/24117
🔗 http://www.securityfocus.com/bid/15337/
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/24576
🔗 http://www.debian.org/security/2005/dsa-884
🔗 http://www.networkscanning.com/Horde-Default-Admin-Password-Vulnerability-VSS_20171.html
🔗 http://www.osvdb.org/24117

相關漏洞威脅

CVE-2008-721910.0

Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2....

CVE-2008-721810.0

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 ...

CVE-2001-137010.0

prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts...

CVE-2020-85189.8

Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.