Vulnerabilities > Phpgroupware > Phpgroupware > 0.9.16
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-05-19 | CVE-2010-0404 | SQL Injection vulnerability in PHPgroupware Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) class.sessions_db.inc.php, (2) class.translation_sql.inc.php, or (3) class.auth_sql.inc.php in phpgwapi/inc/. | 7.5 |
2010-05-19 | CVE-2010-0403 | Path Traversal vulnerability in PHPgroupware Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. | 6.8 |
2005-11-18 | CVE-2005-3347 | Path Traversal vulnerability in PHPgroupware 0.9.16 Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. | 6.8 |