Search
Search Results (25 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2041 | 1 Egroupware | 1 Egroupware | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in eGroupWare before 1.4.004 have unspecified attack vectors and "grave" impact when the web server has write access to a directory under the web document root. | ||||
| CVE-2007-3155 | 1 Egroupware | 1 Egroupware | 2025-04-09 | N/A |
| Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier. | ||||
| CVE-2007-5091 | 1 Egroupware | 1 Egroupware | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.4.001 allow remote attackers to inject arbitrary web script or HTML via the cat_data[color] parameter to (1) preferences/inc/class.uicategories.inc.php and (2) admin/inc/class.uicategories.inc.php. | ||||
| CVE-2007-3154 | 1 Egroupware | 1 Egroupware | 2025-04-09 | N/A |
| Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and other packages, has unknown impact and remote attack vectors. | ||||
| CVE-2023-38328 | 1 Egroupware | 1 Egroupware | 2024-11-21 | 4.9 Medium |
| An issue was discovered in eGroupWare 17.1.20190111. An Improper Password Storage vulnerability affects the setup panel of under setup/manageheader.php, which allows authenticated remote attackers with administrator credentials to read a cleartext database password. | ||||