4 matches found
Debian DSA-1978-1 : phpgroupware - several vulnerabilities
Several remote vulnerabilities have been discovered in phpgroupware, a Web-based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-4414 A SQL injection vulnerability was found in the authentication module. -...
CVE-2009-4416
Cross-site scripting XSS vulnerability in login.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allows remote attackers to inject arbitrary web script or HTML via an arbitrary parameter whose name begins with the "phpgw" sequence...
CVE-2009-4416
Cross-site scripting XSS vulnerability in login.php in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allows remote attackers to inject arbitrary web script or HTML via an arbitrary parameter whose name begins with the "phpgw" sequence...
CVE-2009-4416
The CVE-2009-4416 issue affects phpgroupware, specifically the login.php module, where an input validation flaw allows cross-site scripting via arbitrary parameters starting with phpgw_. This is documented in Debian DSA-1978-1 and related OpenVAS entries, which describe multiple remote vulnerabil...