Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addressbook vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-12422
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution up to and including 3.29.2 might allow malicious users to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this b...
Gnome Evolution
383
VMScore
CVE-2003-0504
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote malicious users to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
Phpgroupware Phpgroupware 0.9.14.003
668
VMScore
CVE-2014-2027
eGroupware prior to 1.8.006.20140217 allows remote malicious users to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans parameter to addressbook/csv_import.php, (3) cal_fields or (4) trans parame...
Egroupware Egroupware
890
VMScore
CVE-2003-0599
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions prior to 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
Phpgroupware Phpgroupware
Phpgroupware Phpgroupware 0.9.16prerc
668
VMScore
CVE-2003-0657
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and previous versions could allow remote malicious users to conduct unauthorized database actions.
Phpgroupware Phpgroupware
755
VMScore
CVE-2002-1131
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and previous versions allows remote malicious users to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
Squirrelmail Squirrelmail
1 EDB exploit
445
VMScore
CVE-2002-1132
SquirrelMail 1.2.7 and previous versions allows remote malicious users to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script.
Squirrelmail Squirrelmail
383
VMScore
CVE-2002-1276
An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.
Squirrelmail Squirrelmail 1.2.8
668
VMScore
CVE-2009-0587
Multiple integer overflows in Evolution Data Server (aka evolution-data-server) prior to 2.24.5 allow context-dependent malicious users to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) cam...
Go-evolution Evolution-data-server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3