3 matches found
CVE-2004-1384
CVE-2004-1384 refers to multiple XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier, exploitable via parameters to index.php or ticket_id to viewticket_details.php. Related CVEs include CVE-2004-1383 (SQL injection) and CVE-2004-1385 (information disclosure). Public sources consistently d...
CVE-2004-1384
Multiple cross-site scripting XSS vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 kp3, 2 type, 3 msg, 4 forumid, 5 pos, 6 catsapp, 7 catid, 8 msgballmsgnum, 9 fldballacctnum parameters to index.php or 10 ticketid to...
phpGroupWare <= 0.9.16.003 Multiple Vulnerabilities
The remote host seems to be running PhpGroupWare, a multi-user groupware suite written in PHP. The remote version of this software is vulnerable to multiple issues : - A cross-site scripting issue may allow an attacker to steal the credentials of third-party users of the remote host. CVE-2004-138...