CVE-2001-0043

HIGH

phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgw_info parameter of the phpgw.inc.php program.

Score CVSS v2.0

10.0

/ 10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Informations

Publié: 16 févr. 2001
Mis à jour: 16 avr. 2026
Statut: Modified
Source: cve@mitre.org

Produits affectés

phpgroupware phpgroupware

Versions : 0.9.6

Faiblesses (CWE)

NVD-CWE-Other

Références (10)

http://archives.neohapsis.com/archives/bugtraq/2000-12/0053.html
ExploitPatchVendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=17604
Patch
http://www.osvdb.org/1682
http://www.securityfocus.com/bid/2069
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5650
http://archives.neohapsis.com/archives/bugtraq/2000-12/0053.html
ExploitPatchVendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=17604
Patch
http://www.osvdb.org/1682
http://www.securityfocus.com/bid/2069
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5650

Surveillez vos produits

Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.

Activer la surveillance