Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groupware vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-1134
SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x prior to 3.5 allows remote malicious users to execute arbitrary SQL commands via the $searchDate variable.
Tiki Tikiwiki Cms\\/groupware 3.3
Tiki Tikiwiki Cms\\/groupware 3.4
Tiki Tikiwiki Cms\\/groupware 3.1
Tiki Tikiwiki Cms\\/groupware 3.2
Tiki Tikiwiki Cms\\/groupware 3.0
7.5
CVSSv2
CVE-2010-1136
The Standard Remember method in TikiWiki CMS/Groupware 3.x prior to 3.5 allows remote malicious users to bypass access restrictions related to "persistent login," probably due to the generation of predictable cookies based on the IP address and User agent in userslib.ph...
Tiki Tikiwiki Cms\\/groupware 3.1
Tiki Tikiwiki Cms\\/groupware 3.2
Tiki Tikiwiki Cms\\/groupware 3.0
Tiki Tikiwiki Cms\\/groupware 3.3
Tiki Tikiwiki Cms\\/groupware 3.4
4.3
CVSSv2
CVE-2009-3236
The form library in Horde Application Framework 3.2 prior to 3.2.5 and 3.3 prior to 3.3.5; Groupware 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; and Groupware Webmail Edition 1.1 prior to 1.1.6 and 1.2 prior to 1.2.4; reuses temporary filenames during the upload process which allo...
Horde Application Framework 3.2.3
Horde Application Framework 3.2
Horde Application Framework 3.3.3
Horde Application Framework 3.3.4
Horde Groupware 1.1.4
Horde Groupware 1.1.5
Horde Application Framework 3.2.2
Horde Application Framework 3.2.4
Horde Groupware 1.1
Horde Groupware 1.1.1
Horde Groupware 1.2
Horde Groupware 1.2.1
Horde Application Framework 3.3.1
Horde Application Framework 3.3.2
Horde Groupware 1.2.3
Horde Groupware 1.1.3
Horde Application Framework 3.2.1
Horde Application Framework 3.3
Horde Groupware 1.1.2
Horde Groupware 1.2.2
3.5
CVSSv2
CVE-2017-16907
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.
Horde Groupware 5.2.21
Horde Groupware 5.2.19
5.1
CVSSv2
CVE-2007-0579
Unspecified vulnerability in the calendar component in Horde Groupware Webmail Edition prior to 1.0, and Groupware prior to 1.0, allows remote malicious users to include certain files via unspecified vectors. NOTE: some of these details are obtained from third party information.
Horde Groupware 1.0 Rc3
Horde Groupware 1.0 Rc2
7.5
CVSSv2
CVE-2005-1925
Multiple directory traversal vulnerabilities in Tikiwiki prior to 1.9.1 allow remote malicious users to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php.
Tiki Tikiwiki Cms\\/groupware 1.9.0
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
4.6
CVSSv2
CVE-2006-0213
Kolab Server 2.0.1, 2.0.2 and development versions pre-2.1-20051215 and previous versions, when authenticating users via secure SMTP, stores authentication credentials in plaintext in the postfix.log file, which allows local users to gain privileges.
Kolab Kolab Groupware Server 2.0.1
Kolab Kolab Groupware Server 2.0.2
Kolab Kolab Groupware Server
4.3
CVSSv2
CVE-2005-3528
Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php in TikiWiki 1.9.0 up to and including 1.9.2 allows remote malicious users to inject arbitrary web script or HTML via the topics_offset parameter.
Tiki Tikiwiki Cms\\/groupware 1.9.1
Tiki Tikiwiki Cms\\/groupware 1.9.2
Tiki Tikiwiki Cms\\/groupware 1.9.0
5
CVSSv2
CVE-2005-3529
tiki-view_forum_thread.php in TikiWiki 1.9.0 up to and including 1.9.2 allows remote malicious users to obtain the installation path via an invalid topics_sort_mode parameter, possibly related to an SQL injection vulnerability.
Tiki Tikiwiki Cms\\/groupware 1.9.0
Tiki Tikiwiki Cms\\/groupware 1.9.1
Tiki Tikiwiki Cms\\/groupware 1.9.2
4.3
CVSSv2
CVE-2010-3695
Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP prior to 4.3.8, and Horde Groupware Webmail Edition prior to 1.2.7, allows remote malicious users to inject arbitrary web script or HTML via the fm_id parameter in a fetchmail_prefs_save action, related t...
Horde Imp 4.1.3
Horde Imp 4.0.4
Horde Imp 2.2.1
Horde Imp 4.1.5
Horde Imp 4.0.3
Horde Imp 2.2.5
Horde Imp 4.3.5
Horde Imp 4.2.2
Horde Imp 4.3
Horde Imp 4.3.2
Horde Imp 3.2.7
Horde Imp 3.2
Horde Imp 3.1.2
Horde Imp 3.2.2
Horde Imp 2.2.2
Horde Imp 2.0
Horde Imp 4.3.3
Horde Imp 3.2.4
Horde Imp 3.2.3
Horde Imp 2.2.8
Horde Imp 3.1
Horde Imp 4.0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »