CVE-2026-46445

SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...

EUVD-2026-24254

mailcow: dockerized is an open source groupware/email suite based on docker. In versions prior to 2026-03b, the admin dashboard's Autodiscover logs render the EMailAddress value logged as the "user" field without HTML escaping. By submitting an unauthenticated Autodiscover request with a crafted...

Enisys Gw vulnerable to arbitrary file creation

Overview Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains a vulnerability that may allow a remote attacker to create arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

Enisys Gw vulnerable to SQL injection

Overview Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains an SQL injection vulnerability CWE-89. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

Collabtive Detection

This host is running Collabtive, a Project Management and Open Source Groupware. OpenVAS Vulnerability Test $Id: gbcollabtivedetect.nasl 5723 2017-03-24 15:46:34Z cfi $ Collabtive Detection Authors: Michael Meyer Copyright: Copyright c 2010 Greenbone Networks GmbH This program is free software; y...

security hole in os groupware suite PHProjekt

Overview PHProjekt is an open source groupware suite written in PHP4 with mysql/postgres/oracle/informix/ms-sql support: www.PHProjekt.com The security hole concernes the several modules. Details By modifying the ID number in links an user can view, moduify or delete data of other users randomly...