CVE-2005-1203
Published: 2005-05-02
Priority: P3 41 high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 3.20% (86.5th percentile)
Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| egroupware | egroupware | — | — |
| egroupware | egroupware | — | — |
| egroupware | egroupware | — | — |
| egroupware | egroupware | — | — |
No detection rules found.
Exploit-DB
eGroupWare 1.0 - '/tts/index.php?filter' SQL Injection
exploitdb·2005-04-18
---
source: https://www.securityfocus.com/bid/13212/info
eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available.
The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL injection attacks.
http://egroupware/tts/index.php?filter=u99[SQL]
http://egroupware/tts/index.php?filter=c99[SQL]
Exploit-DB
eGroupWare 1.0 - 'index.php?cats_app' SQL Injection
exploitdb·2005-04-18
---
source: https://www.securityfocus.com/bid/13212/info
eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available.
The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL injection attacks.
http://egroupware/index.php?menuaction=preferences.uicategories.index&cats_app=foobar[SQL]
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=111401760125555&w=2
http://secunia.com/advisories/14982
http://security.gentoo.org/glsa/glsa-200504-24.xml
http://sourceforge.net/project/shownotes.php?release_id=320768
http://www.gulftech.org/?node=research&article_id=00069-04202005
http://www.osvdb.org/15753
http://www.securityfocus.com/bid/13212