Vulnerabilities > Horde > Horde Application Framework > 3.3.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-01 | CVE-2014-1691 | Code Injection vulnerability in Horde Application Framework The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form. | 7.5 |