Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egroupware egroupware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3314
Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions prior to 1.6.003; and EPL 9.1 prior to 9.1.20100309 and 9.2 prior to 9.2.20100309; allows remote malicious users to inject arbitrary web script or HTML via t...
Egroupware Egroupware 1.4.001
Egroupware Egroupware 1.6.001\\+.002
Egroupware Egroupware 9.1
Egroupware Egroupware 9.2
Egroupware Egroupware 1.4.001\\+.002
Egroupware Egroupware 1.6.002
Egroupware Egroupware 1.4.002
Egroupware Egroupware 1.6.001
1 EDB exploit
NA
CVE-2010-3313
phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions prior to 1.6.003; and EPL 9.1 prior to 9.1.20100309 and 9.2 prior to 9.2.20100309; allows remote malicious users t...
Egroupware Egroupware 1.6.001\\+.002
Egroupware Egroupware 1.6.001
Egroupware Egroupware 9.1
Egroupware Egroupware 1.6.002
Egroupware Egroupware 1.4.001
Egroupware Egroupware 1.4.002
Egroupware Egroupware 9.2
Egroupware Egroupware 1.4.001\\+.002
1 EDB exploit
NA
CVE-2005-1202
Multiple cross-site scripting (XSS) vulnerabilities in eGroupware prior to 1.0.0.007 allow remote malicious users to inject arbitrary web script or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter to index.php or (5) category_id parameter.
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.6
Egroupware Egroupware 1.0
Egroupware Egroupware 1.0.1
2 EDB exploits
NA
CVE-2005-1203
Multiple SQL injection vulnerabilities in index.php in eGroupware prior to 1.0.0.007 allow remote malicious users to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter.
Egroupware Egroupware 1.0.1
Egroupware Egroupware 1.0.3
Egroupware Egroupware 1.0.6
Egroupware Egroupware 1.0
2 EDB exploits
NA
CVE-2008-2041
Multiple unspecified vulnerabilities in eGroupWare prior to 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root.
Egroupware Egroupware 1.4.001
Egroupware Egroupware 1.4.002
Egroupware Egroupware
NA
CVE-2004-1467
Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) date or search text field in the calendar module, (2) Field parameter, Filter parameter, QField parameter...
Egroupware Egroupware 1.0
Egroupware Egroupware 1.0.1
Egroupware Egroupware 1.0.3
1 EDB exploit
NA
CVE-2011-4948
Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805 allows remote malicious users to read arbitrary files via a ..%2f (encoded dot dot slash) in the type para...
Egroupware Egroupware
Egroupware Egroupware Enterprise Line
NA
CVE-2011-4949
SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php in EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805 allows remote malicious users to execute arbitrary SQL commands via the id...
Egroupware Egroupware
Egroupware Egroupware Enterprise Line
NA
CVE-2011-4950
Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805 allows remote malicious users to inject arbitrary web script or HTML via the lang pa...
Egroupware Egroupware
Egroupware Egroupware Enterprise Line
NA
CVE-2011-4951
Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a...
Egroupware Egroupware
Egroupware Egroupware Enterprise Line
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »