Summary
The remote host is running a version of PhpGroupware which is vulnerable to a remote attack.
PhpGroupWare is a multi-user groupware suite written in PHP.
It has been reported that this version may be prone to a vulnerability that may allow remote attackers to execute malicious scripts on a vulnerable system. The flaw allows remote attackers to upload server side scripts which can then be executed on the server.
Solution
Update to version 0.9.14.007 or newer
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2004-0016 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- ASP Inline Corporate Calendar SQL injection
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities
- Allegro RomPager `Misfortune Cookie` Vulnerability
- 3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
- AjaXplorer zoho plugin Directory Traversal Vulnerability