Remote Command Execution Vulnerability in EGroupware by EGroupware GmbH
CVE-2010-3313

Currently unrated

Key Information:

Vendor: Egroupware
Status: Egroupware
Vendor: CVE Published:; 22 September 2010

What is CVE-2010-3313?

The vulnerability allows remote attackers to execute arbitrary commands on EGroupware installations by manipulating the aspell_path or spellchecker_lang parameters. This exploitation can lead to unauthorized actions taken by an attacker in the context of the affected server, posing significant security risks to users and could compromise sensitive data.

References

http://www.exploit-db.com/exploits/11777/

exploitx_refsource_EXPLOIT-DB

http://www.egroupware.org/news?item=93

x_refsource_CONFIRM

http://www.debian.org/security/2010/dsa-2013

vendor-advisoryx_refsource_DEBIAN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 22, 2010

Egroupware

What is CVE-2010-3313?

References

Timeline