Filtered by vendor Phpgroupware Subscriptions

Search

Switch to Advanced Search (Beta)
Total 27 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-0599 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
CVE-2002-0536 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack.
CVE-2004-0017 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations.
CVE-2003-0657 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions.
CVE-2004-1383 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details.php.
CVE-2004-1384 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) kp3, (2) type, (3) msg, (4) forum_id, (5) pos, (6) cats_app, (7) cat_id, (8) msgball[msgnum], (9) fldball[acctnum] parameters to index.php or (10) ticket_id to viewticket_details.php.
CVE-2004-2406 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Unknown "overflow" in the phpgw_config table for phpGroupWare before 0.9.14.002 has unknown attack vectors and impact.