Vulnerabilities > Marc Logemann > More Groupware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-21 | CVE-2006-4906 | SQL Injection vulnerability in Marc Logemann More.Groupware 0.74 SQL injection vulnerability in modules/calendar/week.php in More.groupware 0.74 allows remote attackers to execute arbitrary SQL commands via the new_calendarid parameter. | 7.5 |
2001-10-02 | CVE-2001-1296 | Remote Arbitrary Code Execution vulnerability in Marc Logemann More.Groupware 0.5.1 More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | 5.0 |