Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2024/07/07 12:0 a.m.4 views

PT-2024-28943

Name of the Vulnerable Software and Affected Versions EGroupware versions prior to 23.1.20240624 Description The issue arises from the mishandling of an ORDER BY clause, leading to SQL injection by authenticated users when sorting Address Book or InfoLog. This specifically affects the...

9.8CVSS7.3AI score0.00678EPSS
Exploits0References18
OpenVAS
OpenVASadded 2005/11/03 12:0 a.m.18 views

PhpGroupWare multiple module SQL injection vulnerabilities

The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. It has been reported that this version may be prone to multiple SQL injection vulnerabilities in the SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a...

7.5CVSS7.2AI score0.01243EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2004/09/29 12:0 a.m.23 views

Debian DSA-419-1 : phpgroupware - missing filename sanitising, SQL injection

The authors of phpgroupware, a web-based groupware system written in PHP, discovered several vulnerabilities. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2004-0016 In the 'calendar' module, 'save extension' was not enforced for holiday files. As a...

7.5CVSS5.8AI score0.0159EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2004/08/17 12:0 a.m.19 views

phpGroupWare Multiple Module SQL Injection

The remote host seems to be running PhpGroupWare, a multi-user groupware suite written in PHP. It has been reported that this version may be prone to multiple SQL injection vulnerabilities in the 'calendar' and 'infolog' modules. The problems exist due to insufficient sanitization of user-supplie...

7.5CVSS5.6AI score0.01243EPSS
Exploits0References2
CVE
CVEadded 2004/01/14 5:0 a.m.51 views

CVE-2004-0017

PhpGroupWare (calendar and infolog modules, version 0.9.14 era) is affected by SQL injection vulnerabilities due to non-escaping of user-supplied data, enabling remote attackers to influence SQL query logic. Public sources (Debian DSA-419, OpenVAS entries, and NVD reference) confirm CAN-2004-0017...

7.5CVSS7.5AI score0.01243EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2004/01/09 12:0 a.m.13 views

DSA-419 phpgroupware - missing filename sanitising, SQL injection

Bulletin has no description...

7.5CVSS6.1AI score0.0159EPSS
Exploits0
Cvelist
Cvelistadded 2003/08/14 4:0 a.m.18 views

CVE-2003-0657

Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions...

7.5AI score0.01231EPSS
Exploits0References1
CVE
CVEadded 2003/08/14 4:0 a.m.53 views

CVE-2003-0657

CVE-2003-0657 covers multiple SQL injection vulnerabilities in the infolog module of phpgroupware

7.5CVSS7.6AI score0.01231EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder