Lucene search
HistoryFeb 03, 2004 - 5:00 a.m.
CVE-2004-0017
cve
2004
sql injection
phpgroupware
calendar
infolog
unauthorized access
7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
57.8%
Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpgroupware:phpgroupware | phpgroupware | eq | 0.9.14 |
Related
nessus
nessus
phpGroupWare Multiple Module SQL Injection
2004-08-17 00:00:00
Debian DSA-419-1 : phpgroupware - missing filename sanitising, SQL injection
2004-09-29 00:00:00
openvas
openvas
PhpGroupWare multiple module SQL injection vulnerabilities
2005-11-03 00:00:00
Debian Security Advisory DSA 419-1 (phpgroupware)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-419)
2008-01-17 00:00:00
osv
osv
phpgroupware - missing filename sanitising, SQL injection
2004-01-09 00:00:00
debian
debian
securityvulns
securityvulns
7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
57.8%
Related for CVE-2004-0017