Vulnerabilities > Phpgroupware > Phpgroupware > 0.9.16.011
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-19 | CVE-2010-0404 | SQL Injection vulnerability in PHPgroupware Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, (2) class.translation_sql.inc.php, or (3) class.auth_sql.inc.php in phpgwapi/inc/. | 7.5 |
| 2010-05-19 | CVE-2010-0403 | Path Traversal vulnerability in PHPgroupware Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |