PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpgroupware | Phpgroupware | * | 0.9.14.005 (including) |
Phpgroupware | Phpgroupware | 0.9.14.003 (including) | 0.9.14.003 (including) |