Search
Search Results (27 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0016 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files. | ||||
| CVE-2002-0536 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack. | ||||
| CVE-2004-1384 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php. | ||||
| CVE-2003-0657 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions. | ||||
| CVE-2004-2406 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Unknown "overflow" in the phpgw_config table for phpGroupWare before 0.9.14.002 has unknown attack vectors and impact. | ||||
| CVE-2004-2407 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality. | ||||
| CVE-2004-2574 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction. | ||||