EUVD-2014-3009

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Multiple CSRF vulnerabilities in EGroupware allow remote attackers to hijack admin authentication.

Reporter	Title	Published	Views	Family All 13
0day.today	EGroupware 1.8.006 - Multiple Vulnerabilities	17 May 201400:00	–	zdt
CVE	CVE-2014-2987	26 Oct 201418:00	–	cve
Cvelist	CVE-2014-2987	26 Oct 201418:00	–	cvelist
Exploit DB	eGroupWare 1.8.006 - Multiple Vulnerabilities	16 May 201400:00	–	exploitdb
exploitpack	eGroupWare 1.8.006 - Multiple Vulnerabilities	16 May 201400:00	–	exploitpack
htbridge	CSRF and Remote Code Execution in EGroupware	23 Apr 201400:00	–	htbridge
NVD	CVE-2014-2987	26 Oct 201418:55	–	nvd
Packet Storm	EGroupware 1.8.006 Cross Site Request Forgery / Code Injection	16 May 201400:00	–	packetstorm
Prion	Cross site request forgery (csrf)	26 Oct 201418:55	–	prion
Prion	Code injection	27 Oct 201401:55	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "2869c808-f8f6-3516-95bb-105151993115",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "768bd49b-ddf3-324d-81b3-bd9eeeedfc16",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2014-2987
advisories	www.advisories.mageia.org/MGASA-2014-0221.html
mandriva	www.mandriva.com/security/advisories
secunia	www.secunia.com/advisories/58346
egroupware	www.egroupware.org/forum
htbridge	www.htbridge.com/advisory/HTB23212
egroupware	www.egroupware.org/changelog
securityfocus	www.securityfocus.com/archive/1/532103/100/0/threaded
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.8

EPSS0.03251

csrf vulnerability egroupware remote attack admin authentication