DSA-1978 phpgroupware -- several vulnerabilitiesID: oval:org.mitre.oval:def:6675 | Date: (C)2010-05-24 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: An SQL injection vulnerability was found in the authentication module. Multiple directory traversal vulnerabilities were found in the addressbook module. The authentication module is affected by cross-site scripting.