6 matches found
CVE-2010-3314
Cross-site scripting XSS vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
CVE-2010-3314
Cross-site scripting XSS vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
CVE-2010-3314
CVE-2010-3314 is a cross-site scripting (XSS) vulnerability in EGroupware: login.php vulnerable in EGroupware 1.4.001+.002 and 1.6.001+.002 (and EPL 9.1 pre-9.1.20100309, 9.2 pre-9.2.20100309). The lang parameter can inject arbitrary script/HTML. Affected versions include 1.6.x before 1.6.003 and...
FreeBSD Ports: egroupware
The remote host is missing an update to the system as announced in the referenced advisory. VID e39caf05-2d6f-11df-aec2-000c29ba66d2 OpenVAS Vulnerability Test $ Description: Auto generated from VID e39caf05-2d6f-11df-aec2-000c29ba66d2 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
FreeBSD Ports: egroupware
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian DSA-2013-1 : egroupware - several vulnerabilities
Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based groupware suite: Missing input sanitising in the spellchecker integration may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page. %NASLMINLEVEL 70300 C...