ID de Prueba:	1.3.6.1.4.1.25623.1.0.15983
Categoría:	CGI abuses
Título:	PhpGroupWare XSS and SQL injection issues
Resumen:	NOSUMMARY
Descripción:	Description: The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. The remote version of this software is vulnerable to two issues : - A cross site scripting issue may allow an attacker to steal the credentials of third-party users of the remote host - A SQL injection vulnerability may allow an attacker to execute arbitrary SQL statements against the remote database. Solution : Update to the newest version of this software Risk factor : High
Referencia Cruzada:	BugTraq ID: 11952 Common Vulnerability Exposure (CVE) ID: CVE-2004-1384 http://www.securityfocus.com/bid/11952 Bugtraq: 20041215 Multiple phpGroupWare Vulnerabilities [ phpGroupWare 0.9.16.003 && Earlier ] (Google Search) http://marc.info/?l=bugtraq&m=110312656029072&w=2 http://www.gentoo.org/security/en/glsa/glsa-200501-08.xml http://www.gulftech.org/?node=research&article_id=00054-12142004 XForce ISS Database: phpgroupware-index-preferences-xss(18496) https://exchange.xforce.ibmcloud.com/vulnerabilities/18496 Common Vulnerability Exposure (CVE) ID: CVE-2004-1383 XForce ISS Database: phpgroupware-projectid-sql-injection(18498) https://exchange.xforce.ibmcloud.com/vulnerabilities/18498
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.