CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2576

class.vfs_dav.inc.php in phpGroupWare 0.9.16.000 does not create .htaccess files to enable authorization checks for access to users' home-directory files, which allows remote attackers to obtain sensitive information from these files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.osvdb.org/7617
https://exchange.xforce.ibmcloud.com/vulnerabilities/19195
https://savannah.gnu.org/bugs/?func=detailitem&item_id=8359
http://www.osvdb.org/7617
https://exchange.xforce.ibmcloud.com/vulnerabilities/19195
https://savannah.gnu.org/bugs/?func=detailitem&item_id=8359

Products affected by CVE-2004-2576

Phpgroupware » Phpgroupware » Version: 0.9.16.000

cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.000

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2576

Products

Pricing

Contact Us