CVE-2010-0403

Published: 19 May 2010

Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.

Priority

Medium

Status

Package Release Status
phpgroupware
Launchpad, Ubuntu, Debian
Upstream
Released (0.9.16.016)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(pulled 2010-07-27)
Patches:
Vendor: http://www.debian.org/security/2010/dsa-2046