Search CVE reports


Toggle filters

1 – 6 of 6 results


CVE-2023-49006

Medium priority
Needs evaluation

Cross Site Request Forgery (CSRF) vulnerability in Phpsysinfo version 3.4.3 allows a remote attacker to obtain sensitive information via a crafted page in the XML.php file.

1 affected package

phpsysinfo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
phpsysinfo Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2007-4048

Unknown priority

Some fixes available 15 of 24

Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

3 affected packages

egroupware, phpgroupware, phpsysinfo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
egroupware
phpgroupware
phpsysinfo
Show less packages

CVE-2006-3360

Unknown priority
Ignored

Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will...

1 affected package

phpsysinfo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
phpsysinfo
Show less packages

CVE-2005-3348

Unknown priority
Fixed

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via...

3 affected packages

egroupware, phpgroupware, phpsysinfo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
egroupware
phpgroupware
phpsysinfo
Show less packages

CVE-2005-3347

Unknown priority
Fixed

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot...

3 affected packages

egroupware, phpgroupware, phpsysinfo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
egroupware
phpgroupware
phpsysinfo
Show less packages

CVE-2005-0870

Unknown priority
Fixed

Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) sensor_program parameter to index.php,...

3 affected packages

egroupware, phpgroupware, phpsysinfo

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
egroupware
phpgroupware
phpsysinfo
Show less packages