CVEブラウザに戻る

CVE-2002-0536

HIGH

7.5

CVSS Severity Score

EPSS Score0.1210%

EPSS Percentile20.98th

Published2002年7月3日

Last Modified2026年4月16日

Vulnerability Description

PHPGroupware 0.9.12 and earlier, when running with the magic_quotes_gpc feature disabled, allows remote attackers to compromise the database via a SQL injection attack.

Affected Platforms (CPE)

📦

Phpgroupware

Phpgroupware

= 0.9.13

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0036.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0143.html

🔗 http://www.iss.net/security_center/static/8755.php

🔗 http://www.osvdb.org/5153

🔗 http://www.securityfocus.com/bid/4424

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0036.html

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-04/0143.html

🔗 http://www.iss.net/security_center/static/8755.php

関連する脆弱性情報

CVE-2001-004310.0

phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the ...

CVE-2004-240610.0

Unknown "overflow" in the phpgw_config table for phpGroupWare before 0.9.14.002 has unknown attack vectors and impact.

CVE-2003-059910.0

Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with...

CVE-2004-240710.0

Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the...