Summary
The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP.
This version is prone to a vulnerability that may permit remote attackers, without prior authentication, to include and execute malicious PHP scripts. Remote users may influence URI variables to include a malicious PHP script on a remote system, it is possible to cause arbitrary PHP code to be executed.
Solution
Update to version 0.9.14.006 or newer
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2003-0504 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities