Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:PhpGroupWare XSS and SQL injection issues

The remote host seems to be running PhpGroupWare, is a multi-user groupware
suite written in PHP.

The remote version of this software is vulnerable to two issues :

- A cross site scripting issue may allow an attacker to steal the credentials
of third-party users of the remote host

- A SQL injection vulnerability may allow an attacker to execute arbitrary SQL
statements against the remote database.

Solution : Update to the newest version of this software
Risk factor : High

Cross-Ref: BugTraq ID: 11952
Common Vulnerability Exposure (CVE) ID: CVE-2004-1384
Bugtraq: 20041215 Multiple phpGroupWare Vulnerabilities [ phpGroupWare && Earlier ] (Google Search)
XForce ISS Database: phpgroupware-index-preferences-xss(18496)
Common Vulnerability Exposure (CVE) ID: CVE-2004-1383
XForce ISS Database: phpgroupware-projectid-sql-injection(18498)
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.