CVE-2010-0403

Published: May 18, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

ADV-2010-1146

vdb-entry

x_refsource_VUPEN

ADV-2010-1145

vdb-entry

x_refsource_VUPEN

http://download.phpgroupware.org/

x_refsource_CONFIRM

phpgroupware-about-file-include(58657)

vdb-entry

x_refsource_XF

[phpgroupware-users] 20100512 Phpgroupware security release 0.9.16.016

mailing-list

x_refsource_MLIST

40167

vdb-entry

x_refsource_BID

http://forums.phpgroupware.org/index.php?t=msg&th=98662&start=0&rid=0

x_refsource_CONFIRM

20100514 phpGroupWare SQL Injections and Local File Inclusion Vulnerabilities (CVE-2010-0403 and CVE-2010-0404)

mailing-list

x_refsource_BUGTRAQ

39731

third-party-advisory

x_refsource_SECUNIA

DSA-2046

vendor-advisory

x_refsource_DEBIAN

39665

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-0403

Description

Affected Products

References