PhpGroupWare Unspecified Remote File Include Vulnerability Network Vulnerability

Summary

The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. This version is prone to a vulnerability that may permit remote attackers, without prior authentication, to include and execute malicious PHP scripts. Remote users may influence URI variables to include a malicious PHP script on a remote system, it is possible to cause arbitrary PHP code to be executed.

Solution

Update to version 0.9.14.006 or newer

References

http://www.phpgroupware.org/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2003-0504

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache CouchDB Cross Site Request Forgery Vulnerability
AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability

PhpGroupWare unspecified remote file include vulnerability

Take action and discover your vulnerabilities