Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groupware vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-7804
ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7, 8, and 10 allows an malicious user to execute arbitrary command via the ShellExec method.
Handysoft Groupware 1.7.3.1
7.5
CVSSv2
CVE-2019-19907
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core prior to 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data.
Kopano Groupware Core
10
CVSSv2
CVE-2008-7219
Horde Kronolith H3 2.1 prior to 2.1.7 and 2.2 prior to 2.2-RC2; Nag H3 2.1 prior to 2.1.4 and 2.2 prior to 2.2-RC2; Mnemo H3 2.1 prior to 2.1.2 and H3 2.2 prior to 2.2-RC2; Groupware 1.0 prior to 1.0.3 and 1.1 prior to 1.1-RC2; and Groupware Webmail Edition 1.0 prior to 1.0.4 and...
Horde Kronolith H3 2.1.3
Horde Kronolith H3 2.1.6
Horde Nag H3 2.1
Horde Groupware 1.0
Horde Groupware 1.0.2
Horde Nag H3 2.1.2
Horde Nag H3 2.1.3
Horde Nag H3 2.2
Horde Mnemo H3 2.1
Horde Kronolith H3 2.1.4
Horde Kronolith H3 2.1
Horde Kronolith H3 2.1.2
Horde Kronolith H3 2.1.5
Horde Groupware 1.1
Horde Mnemo H3 2.1.1
Horde Groupware Webmail Edition 1.1
Horde Groupware Webmail Edition 1.0
Horde Groupware Webmail Edition 1.0.2
Horde Kronolith H3 2.1.1
Horde Kronolith H3 2.2
Horde Nag H3 2.1.1
Horde Mnemo H3 2.2
4.3
CVSSv2
CVE-2016-7394
tiki wiki cms groupware <=15.2 has a xss vulnerability, allow attackers steal user's cookie.
Tiki Tikiwiki Cms\\/groupware
4.3
CVSSv2
CVE-2012-1028
Cross-site scripting (XSS) vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions prior to 0.743 allows remote malicious users to inject arbitrary web script or HTML via the export parameter.
Simple-groupware Simplegroupware 0.742
1 EDB exploit
4.3
CVSSv2
CVE-2013-6022
A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code.
Tiki Tikiwiki Cms\\/groupware
4.3
CVSSv2
CVE-2008-1047
Cross-site scripting (XSS) vulnerability in tiki-edit_article.php in TikiWiki prior to 1.9.10.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tiki Tikiwiki Cms\\/groupware
3.5
CVSSv2
CVE-2018-14849
Tiki prior to 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
Tiki Tikiwiki Cms\\/groupware
3.5
CVSSv2
CVE-2018-14850
Stored XSS vulnerabilities in Tiki prior to 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
Tiki Tikiwiki Cms\\/groupware
7.5
CVSSv2
CVE-2010-5008
SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote malicious users to execute arbitrary SQL commands via the ContactID parameter.
Denaliintranet Brightsuite Groupware 5.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »