Vulnerabilities > Phpgroupware > Phpgroupware > 0.9.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2578 | Information Disclosure vulnerability in PHPGroupWare Plaintext Cookie Authentication Credentials phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords. | 5.0 |
2001-02-16 | CVE-2001-0043 | Unspecified vulnerability in PHPgroupware 0.9.6 phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program. | 10.0 |