ID de Prueba:	1.3.6.1.4.1.25623.1.0.14296
Categoría:	Web application abuses
Título:	PhpGroupWare multiple module SQL injection vulnerabilities
Resumen:	The remote host seems to be running PhpGroupWare, is a multi-user groupware; suite written in PHP.;; It has been reported that this version may be prone to multiple SQL injection; vulnerabilities in the 'calendar' and 'infolog' modules.
Descripción:	Summary: The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. It has been reported that this version may be prone to multiple SQL injection vulnerabilities in the 'calendar' and 'infolog' modules. Vulnerability Insight: The problems exist due to insufficient sanitization of user-supplied data. Vulnerability Impact: A remote attacker may exploit these issues to influence SQL query logic to disclose sensitive information that could be used to gain unauthorized access. Solution: Update to version 0.9.14.007 or newer CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0017 BugTraq ID: 9386 http://www.securityfocus.com/bid/9386 Debian Security Information: DSA-419 (Google Search) http://www.debian.org/security/2004/dsa-419 http://www.securitytracker.com/id?1008662 http://secunia.com/advisories/10591
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.