CVE-2004-2407

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1970%

EPSS Percentile11.89th

PublishedDec 31, 2004

Last ModifiedApr 16, 2026

Vulnerability Description

Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality.

Affected Platforms (CPE)

📦

Phpgroupware

<= 0.9.14

References & Advisories

🔗 http://sourceforge.net/project/shownotes.php?release_id=153116

Related Vulnerabilities

CVE-2003-059910.0

Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with...

CVE-2004-240610.0

Unknown "overflow" in the phpgw_config table for phpGroupWare before 0.9.14.002 has unknown attack vectors and impact.

CVE-2001-004310.0

phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the ...

CVE-2003-06577.5

Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to c...