Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgroupware phpgroupware 0.9.14 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0016
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote malicious users to create and execute PHP files.
Phpgroupware Phpgroupware 0.9.14
NA
CVE-2004-0017
Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote malicious users to perform unauthorized database operations.
Phpgroupware Phpgroupware 0.9.14
NA
CVE-2004-1383
Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and previous versions allow remote malicious users to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details...
Phpgroupware Phpgroupware 0.9.14.007
Phpgroupware Phpgroupware 0.9.16.000
Phpgroupware Phpgroupware 0.9.14
Phpgroupware Phpgroupware 0.9.14.003
Phpgroupware Phpgroupware 0.9.16 Rc1
Phpgroupware Phpgroupware 0.9.14.005
Phpgroupware Phpgroupware 0.9.14.006
Phpgroupware Phpgroupware 0.9.12
Phpgroupware Phpgroupware 0.9.13
Phpgroupware Phpgroupware 0.9.16.002
Phpgroupware Phpgroupware 0.9.16.003
1 EDB exploit
NA
CVE-2004-1384
Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) f...
Phpgroupware Phpgroupware 0.9.14
Phpgroupware Phpgroupware 0.9.14.003
Phpgroupware Phpgroupware 0.9.16 Rc1
Phpgroupware Phpgroupware 0.9.14.007
Phpgroupware Phpgroupware 0.9.16.000
Phpgroupware Phpgroupware 0.9.12
Phpgroupware Phpgroupware 0.9.13
Phpgroupware Phpgroupware 0.9.16.002
Phpgroupware Phpgroupware 0.9.16.003
Phpgroupware Phpgroupware 0.9.14.005
Phpgroupware Phpgroupware 0.9.14.006
2 EDB exploits
NA
CVE-2004-1385
phpGroupWare 0.9.16.003 and previous versions allows remote malicious users to gain sensitive information via (1) unexpected characters in the session ID such as shell metacharacters, (2) an invalid appname parameter to preferences.php or (3) an invalid menuaction parameter to in...
Phpgroupware Phpgroupware 0.9.16.000
Phpgroupware Phpgroupware 0.9.16.002
Phpgroupware Phpgroupware 0.9.14.003
Phpgroupware Phpgroupware 0.9.14.005
Phpgroupware Phpgroupware 0.9.14.006
Phpgroupware Phpgroupware 0.9.14.007
Phpgroupware Phpgroupware 0.9.12
Phpgroupware Phpgroupware 0.9.13
Phpgroupware Phpgroupware 0.9.14
Phpgroupware Phpgroupware 0.9.16.003
Phpgroupware Phpgroupware 0.9.16 Rc1
1 EDB exploit
NA
CVE-2004-2573
PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and previous versions allows remote malicious users to execute arbitrary PHP code via an external URL in the appdir parameter.
Phpgroupware Phpgroupware 0.9.14.003
Phpgroupware Phpgroupware
1 EDB exploit
NA
CVE-2003-0599
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions prior to 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
Phpgroupware Phpgroupware
Phpgroupware Phpgroupware 0.9.16prerc
NA
CVE-2003-0657
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and previous versions could allow remote malicious users to conduct unauthorized database actions.
Phpgroupware Phpgroupware
NA
CVE-2003-0504
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote malicious users to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
Phpgroupware Phpgroupware 0.9.14.003
NA
CVE-2005-3347
Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and previous versions, as used in phpgroupware 0.9.16 and previous versions, and egrouwpware prior to 1.0.0.009, allow remote malicious users to include arbitrary files via .. (dot dot) sequences in the (...
Phpgroupware Phpgroupware 0.9.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »