Search CVE reports
1 – 6 of 6 results
CVE-2023-49006
Medium priorityCross Site Request Forgery (CSRF) vulnerability in Phpsysinfo version 3.4.3 allows a remote attacker to obtain sensitive information via a crafted page in the XML.php file.
1 affected package
phpsysinfo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
phpsysinfo | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2007-4048
Unknown prioritySome fixes available 15 of 24
Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
3 affected packages
egroupware, phpgroupware, phpsysinfo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
egroupware | — | — | — | — | — |
phpgroupware | — | — | — | — | — |
phpsysinfo | — | — | — | — | — |
CVE-2006-3360
Unknown priorityDirectory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will...
1 affected package
phpsysinfo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
phpsysinfo | — | — | — | — | — |
CVE-2005-3348
Unknown priorityHTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via...
3 affected packages
egroupware, phpgroupware, phpsysinfo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
egroupware | — | — | — | — | — |
phpgroupware | — | — | — | — | — |
phpsysinfo | — | — | — | — | — |
CVE-2005-3347
Unknown priorityMultiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot...
3 affected packages
egroupware, phpgroupware, phpsysinfo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
egroupware | — | — | — | — | — |
phpgroupware | — | — | — | — | — |
phpsysinfo | — | — | — | — | — |
CVE-2005-0870
Unknown priorityMultiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php,...
3 affected packages
egroupware, phpgroupware, phpsysinfo
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
egroupware | — | — | — | — | — |
phpgroupware | — | — | — | — | — |
phpsysinfo | — | — | — | — | — |