Back to search
CVE-2011-4948
Published: Aug 31, 2012
Modified: Sep 16, 2024
PUBLISHED
Description
Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in the type parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.egroupware.org/epl-changelog
x_refsource_CONFIRM
http://www.egroupware.org/changelog
x_refsource_CONFIRM
52770
vdb-entry
x_refsource_BID
[egroupware-german] 20110805 new EGroupware SECURITY & maintenance release 1.8.001.20110805
mailing-list
x_refsource_MLIST
[oss-security] 20120328 Re: CVE request: egroupware before 1.8.002 various security issues
mailing-list
x_refsource_MLIST
[oss-security] 20120329 Re: CVE request: egroupware before 1.8.002 various security issues
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now