CVE-2010-0403

N/A Unknown

Published: May 19, 2010 Modified: April 29, 2026

Description

Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://download.phpgroupware.org/

Source: cve@mitre.org

Patch Vendor Advisory

http://forums.phpgroupware.org/index.php?t=msg&th=98662&start=0&rid=0

Source: cve@mitre.org

Patch

http://lists.gnu.org/archive/html/phpgroupware-users/2010-05/msg00004.html

Source: cve@mitre.org

http://secunia.com/advisories/39665

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/39731

Source: cve@mitre.org

Vendor Advisory

http://www.debian.org/security/2010/dsa-2046

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/511299/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/40167

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2010/1145

Source: cve@mitre.org

Patch Vendor Advisory

http://www.vupen.com/english/advisories/2010/1146

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/58657

Source: cve@mitre.org

http://download.phpgroupware.org/