Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groupware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1928
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and previous versions allows remote malicious users to upload and possibly execute arbitrary files via the img/wiki_up URL.
Tiki Tikiwiki Cms\\/groupware 1.6.1
Tiki Tikiwiki Cms\\/groupware
2 EDB exploits
NA
CVE-2005-3283
Cross-site scripting (XSS) vulnerability in TikiWiki prior to 1.9.1.1 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Tiki Tikiwiki Cms\\/groupware
Tiki Tikiwiki Cms\\/groupware 1.9.0
NA
CVE-2008-1284
Directory traversal vulnerability in Horde 3.1.6, Groupware prior to 1.0.5, and Groupware Webmail Edition prior to 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte i...
Horde Groupware Webmail Edition
Horde Horde 3.1.6
Horde Groupware
5.4
CVSSv3
CVE-2018-7290
Cross Site Scripting (XSS) exists in Tiki prior to 12.13, 15.6, 17.2, and 18.1.
Tiki Tikiwiki Cms\\/groupware
Tiki Tikiwiki Cms\\/groupware 18.0
NA
CVE-2006-6457
tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote malicious users to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
Tiki Tikiwiki Cms\\/groupware 1.9.5
Tiki Tikiwiki Cms\\/groupware 1.9.2
NA
CVE-2010-1133
Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x prior to 4.2 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors, probably related to (1) tiki-searchindex.php and (2) tiki-searchresults.php.
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4.1
NA
CVE-2010-1135
The user_logout function in TikiWiki CMS/Groupware 4.x prior to 4.2 does not properly delete user login cookies, which allows remote malicious users to gain access via cookie reuse.
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4.1
NA
CVE-2005-4828
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue cross...
Kolab Kolab Groupware Server 2.0.0
Kolab Kolab Groupware Server 2.0.1
NA
CVE-2014-4945
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) prior to 6.1.8, as used in Horde Groupware Webmail Edition prior to 5.1.5, allow remote malicious users to inject arbitrary web script or HTML via an unspecified flag in the basic (1) mailbox...
Horde Groupware
Horde Groupware 5.1.3
Horde Groupware 5.1.2
Horde Groupware 5.1.1
Horde Groupware 5.1.0
Horde Internet Mail Program 6.1.3
Horde Internet Mail Program 6.1.2
Horde Internet Mail Program 6.1.1
Horde Internet Mail Program 6.1.0
Horde Internet Mail Program 6.0.0
Horde Groupware 5.0.2
Horde Groupware 5.0.1
Horde Groupware 5.0.0
Horde Internet Mail Program 6.0.5
Horde Internet Mail Program 6.0.4
Horde Internet Mail Program 6.0.3
Horde Internet Mail Program 6.0.2
Horde Internet Mail Program 6.0.1
Horde Groupware 5.0.4
Horde Internet Mail Program 6.1.6
Horde Internet Mail Program 6.1.4
Horde Groupware 5.0.5
NA
CVE-2014-4946
Multiple cross-site scripting (XSS) vulnerabilities in Horde Internet Mail Program (IMP) prior to 6.1.8, as used in Horde Groupware Webmail Edition prior to 5.1.5, allow remote malicious users to inject arbitrary web script or HTML via (1) unspecified flags or (2) a mailbox name ...
Horde Groupware 5.0.2
Horde Groupware 5.0.1
Horde Groupware 5.0.0
Horde Internet Mail Program 6.0.5
Horde Internet Mail Program 6.0.4
Horde Internet Mail Program 6.0.3
Horde Internet Mail Program 6.0.2
Horde Groupware
Horde Groupware 5.1.3
Horde Groupware 5.1.2
Horde Groupware 5.1.1
Horde Internet Mail Program 6.1.3
Horde Internet Mail Program 6.1.2
Horde Internet Mail Program 6.1.1
Horde Internet Mail Program 6.1.0
Horde Internet Mail Program 6.0.0
Horde Groupware 5.1.0
Horde Groupware 5.0.5
Horde Groupware 5.0.3
Horde Internet Mail Program
Horde Internet Mail Program 6.1.5
Horde Internet Mail Program 6.0.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »