4 matches found
CVE-2026-22243
EGroupware is a Web based groupware server written in PHP. A SQL Injection vulnerability exists in the core components of EGroupware prior to versions 23.1.20260113 and 26.0.20260113, specifically in the Nextmatch filter processing. The flaw allows authenticated attackers to inject arbitrary SQL...
CVE-2026-22243
CVE-2026-22243 — EGroupware SQL Injection (Nextmatch filter processing) Affected software: EGroupware web-based groupware server (PHP), versions prior to 23.1.20260113 and 26.0.20260113. Root cause and vulnerability: An authenticated SQL Injection exists in the Nextmatch filter processing. The is...
EUVD-2026-4883
EGroupware is a Web based groupware server written in PHP. A SQL Injection vulnerability exists in the core components of EGroupware prior to versions 23.1.20260113 and 26.0.20260113, specifically in the Nextmatch filter processing. The flaw allows authenticated attackers to inject arbitrary SQL...
EGroupware SQL Injection Vulnerability
EGroupware is an online office platform developed by EGroupware Inc. Versions of EGroupware prior to 23.1.20260113 and 26.0.20260113 contained a SQL injection vulnerability. This vulnerability stemmed from issues with PHP type confusion handled by the Nextmatch filter, which could lead to SQL...