Multiple CSRF Vulnerabilities in EGroupware Products
CVE-2014-2987

Currently unrated

Key Information:

Vendor

Egroupware

Status
Egroupware
Vendor
CVE Published:
26 October 2014

What is CVE-2014-2987?

EGroupware products are exposed to multiple cross-site request forgery (CSRF) vulnerabilities that enable remote attackers to hijack the authentication of administrators. These vulnerabilities allow unauthorized actions such as creating an administrator account or altering settings via compromised requests. This can lead to further exploitation, including the potential execution of arbitrary PHP code. Users are advised to update to the latest versions to mitigate risks associated with these vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://advisories.mageia.org/MGASA-2014-0221.html
x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/58346
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.