Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpgroupware phpgroupware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2573
PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and previous versions allows remote malicious users to execute arbitrary PHP code via an external URL in the appdir parameter.
Phpgroupware Phpgroupware 0.9.14.003
Phpgroupware Phpgroupware
1 EDB exploit
NA
CVE-2004-2577
The acl_check function in phpGroupWare 0.9.16RC2 always returns True, even when mkdir does not behave as expected, which could allow remote malicious users to obtain sensitive information via WebDAV from users' home directories that lack .htaccess files, and possibly has oth...
Phpgroupware Phpgroupware 0.9.16rc2
Phpgroupware Phpgroupware 0.9.16rc1
NA
CVE-2003-0657
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and previous versions could allow remote malicious users to conduct unauthorized database actions.
Phpgroupware Phpgroupware
NA
CVE-2004-2406
Unknown "overflow" in the phpgw_config table for phpGroupWare prior to 0.9.14.002 has unknown attack vectors and impact.
Phpgroupware Phpgroupware
NA
CVE-2004-2407
Unknown vulnerability in phpGroupWare prior to 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality.
Phpgroupware Phpgroupware
NA
CVE-2005-3347
Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and previous versions, as used in phpgroupware 0.9.16 and previous versions, and egrouwpware prior to 1.0.0.009, allow remote malicious users to include arbitrary files via .. (dot dot) sequences in the (...
Phpgroupware Phpgroupware 0.9.16
NA
CVE-2003-0504
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote malicious users to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
Phpgroupware Phpgroupware 0.9.14.003
NA
CVE-2006-4458
Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.010 and previous versions allows remote malicious users to include arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the GLOBALS[phpgw_info][user][pr...
Phpgroupware Phpgroupware 0.9.16.010
1 EDB exploit
NA
CVE-2001-0043
phpGroupWare prior to 0.9.7 allows remote malicious users to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program.
Phpgroupware Phpgroupware 0.9.6
NA
CVE-2004-0016
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote malicious users to create and execute PHP files.
Phpgroupware Phpgroupware 0.9.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »