Vulnerabilities > CVE-2004-2573 - Remote File Include vulnerability in PHPgroupware 0.9.14.003

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
phpgroupware
exploit available
NVD
Published: 2004-12-31
Updated: 2008-09-05

Summary

PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter.

Vulnerable Configurations

Part Description Count
Application
Phpgroupware
2

Exploit-Db

descriptionPHPGroupWare 0.9.14 Tables_Update.Inc.PHP Remote File Include Vulnerability. CVE-2004-2573. Webapps exploit for php platform
idEDB-ID:25043
last seen2016-02-03
modified2004-01-27
published2004-01-27
reporterCedric Cochin
sourcehttps://www.exploit-db.com/download/25043/
titlePHPGroupWare 0.9.14 Tables_Update.Inc.PHP Remote File Include Vulnerability

References