RSS   Vulnerabilities for 'More.groupware'   RSS

2006-09-20
 
CVE-2006-4906

 

 
SQL injection vulnerability in modules/calendar/week.php in More.groupware 0.74 allows remote attackers to execute arbitrary SQL commands via the new_calendarid parameter.

 
2001-10-02
 
CVE-2001-1296

 

 
More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

 


Copyright 2024, cxsecurity.com

 

Back to Top