Vulnerabilities > CVE-2004-2576 - Unspecified vulnerability in PHPgroupware 0.9.16.000

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phpgroupware

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

class.vfs_dav.inc.php in phpGroupWare 0.9.16.000 does not create .htaccess files to enable authorization checks for access to users' home-directory files, which allows remote attackers to obtain sensitive information from these files.

Vulnerable Configurations

Part	Description	Count
Application	Phpgroupware Phpgroupware Phpgroupware 0.9.16.000	1

References

http://www.osvdb.org/7617
http://www.osvdb.org/7617
https://exchange.xforce.ibmcloud.com/vulnerabilities/19195
https://exchange.xforce.ibmcloud.com/vulnerabilities/19195
https://savannah.gnu.org/bugs/?func=detailitem&item_id=8359
https://savannah.gnu.org/bugs/?func=detailitem&item_id=8359