Lucene search
GoogleOSV:DSA-2013-1HistoryMar 11, 2010 - 12:00 a.m.
egroupware - several vulnerabilities
2010-03-1100:00:00
Google
osv.dev
12
EPSS
0.018
Percentile
88.1%
Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based
groupware suite: Missing input sanitising in the spellchecker integration
may lead to the execution of arbitrary commands and a cross-site scripting
vulnerability was discovered in the login page.
For the stable distribution (lenny), these problems have been fixed in
version 1.4.004-2.dfsg-4.2.
The upcoming stable distribution (squeeze), no longer contains egroupware
packages.
We recommend that you upgrade your egroupware packages.
References
Related
nessus
nessus
Debian DSA-2013-1 : egroupware - several vulnerabilities
2010-03-15 00:00:00
eGroupWare spellchecker.php Arbitrary Shell Command Execution
2010-03-10 00:00:00
GLSA-201412-10 : Multiple packages, Multiple vulnerabilities fixed in 2012
2014-12-15 00:00:00
openvas
openvas
FreeBSD Ports: egroupware
2010-03-16 00:00:00
Debian Security Advisory DSA 2013-1 (egroupware)
2010-03-16 00:00:00
Debian: Security Advisory (DSA-2013-1)
2010-03-16 00:00:00
cvelist
cvelist
CVE-2010-3314
2022-10-03 16:20:54
CVE-2010-3313
2022-10-03 16:20:54
nvd
nvd
CVE-2010-3314
2010-09-22 19:00:03
CVE-2010-3313
2010-09-22 19:00:03
cve
cve
CVE-2010-3314
2022-10-03 16:20:54
CVE-2010-3313
2022-10-03 16:20:54
ubuntucve
ubuntucve
CVE-2010-3314
2010-09-22 00:00:00
CVE-2010-3313
2010-09-22 00:00:00
prion
prion
Cross site scripting
2010-09-22 19:00:00
Code injection
2010-09-22 19:00:00
attackerkb
attackerkb
CVE-2010-3313
2010-09-22 00:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2012
2014-12-11 00:00:00