• Horde Groupware Webmail Edition is a free, enterprise ready, browser-based communication suite. Pedro Ribeiro reported a remote code execution bug that is affecting Horde versions from at least horde 3.1.x to 5.1.1.

• Upgrade to the latest version of Horde.

• • Remote code execution in horde
  • Fix commit
  • Changelog

• 

• CVE-2014-1691

• CWE-94

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

• Code Execution Missing Update

• WordPress Plugin Paid Downloads 'download_key' Parameter SQL Injection (2.01)
• WordPress Plugin PromoBar by BestWebSoft Cross-Site Scripting (1.1.0)
• WordPress Plugin Evarisk 'ajax.php' SQL Injection (5.1.3.6)
• WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.6.4)
• WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1)