CVE-2009-0932
NUCLEIDebian Horde - Path Traversal
Title source: ruleDescription
Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by skysbsb · textwebappsphp
https://www.exploit-db.com/exploits/16154
Nuclei Templates (1)
Horde/Horde Groupware - Local File Inclusion
MEDIUMby pikpikcu
References (12)
Scores
EPSS
0.0561
EPSS Percentile
90.2%
Classification
CWE
CWE-22
Status
draft
Affected Products (10)
debian/horde
debian/horde
debian/horde
debian/horde
debian/horde
debian/horde
debian/horde_groupware
debian/horde_groupware
debian/horde_groupware
debian/horde_groupware
Timeline
Published
Mar 17, 2009
Tracked Since
Feb 18, 2026