Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Groupoffice Security Vulnerabilities

cve
cve

CVE-2024-22418

Group-Office is an enterprise CRM and groupware tool. Affected versions are subject to a vulnerability which is present in the file upload mechanism of Group Office. It allows an attacker to execute arbitrary JavaScript code by embedding it within a file's name. For instance, using a filename such....

5.4CVSS

8AI Score

0.0004EPSS

2024-01-18 09:15 PM
67
cve
cve

CVE-2023-46730

Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs which allows a malicious user to cause the server to make resource requests...

8.8CVSS

7.3AI Score

0.001EPSS

2023-11-07 06:15 PM
21
cve
cve

CVE-2012-4240

SQL injection vulnerability in modules/calendar/json.php in Group-Office community before 4.0.90 allows remote authenticated users to execute arbitrary SQL commands via the sort...

8AI Score

0.001EPSS

2014-09-11 02:16 PM
18