SQL Injection Vulnerabilities in eGroupware by eGroupWare GmbH
CVE-2005-1203

Currently unrated

Key Information:

Vendor: Egroupware
Status: Egroupware
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-1203?

Multiple SQL injection vulnerabilities exist in the index.php file of eGroupware versions prior to 1.0.0.007. These flaws allow remote attackers to manipulate SQL queries through the 'filter' or 'cats_app' parameters, potentially leading to unauthorized data access or manipulation.

References

http://sourceforge.net/project/shownotes.php?release_id=3...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/13212

vdb-entryx_refsource_BID

http://www.gulftech.org/?node=research&article_id=00069-0...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 21, 2005

Egroupware

What is CVE-2005-1203?

References

Timeline