oss-sec mailing list archives
CVE request: remote code execution in egroupware <= 1.8.005
From: Pedro Ribeiro <pedrib () gmail com>
Date: Wed, 19 Feb 2014 10:08:37 +0000
Hi I have discovered a remote code execution via php unserialize in egroupware <= 1.8.005. Can you please assign a CVE for this vulnerability? The full report can be obtained from my repo in https://github.com/pedrib/PoC/raw/master/egroupware-1.8.005.txt The changelog can be seen at http://www.egroupware.org/changelog and new versions can be obtained from http://www.egroupware.org/download Thanks in advance. Regards Pedro
Current thread:
- CVE request: remote code execution in egroupware <= 1.8.005 Pedro Ribeiro (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 cve-assign (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 Ralf Becker (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 Pedro Ribeiro (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 Ralf Becker (Feb 19)
- Re: CVE request: remote code execution in egroupware <= 1.8.005 cve-assign (Feb 19)