phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpgroupware | Phpgroupware | 0.9.14.003 | 0.9.14.003 |
Phpgroupware | Phpgroupware | 0.9.1 | 0.9.1 |
Phpgroupware | Phpgroupware | 0.9.2 | 0.9.2 |
Phpgroupware | Phpgroupware | 0.9.7 | 0.9.7 |
Phpgroupware | Phpgroupware | 0.9.13 | 0.9.13 |
Phpgroupware | Phpgroupware | 0.9.14.005 | 0.9.14.005 |
Phpgroupware | Phpgroupware | 0.9.14.006 | 0.9.14.006 |
Phpgroupware | Phpgroupware | 0.9.9 | 0.9.9 |
Phpgroupware | Phpgroupware | 0.9.3 | 0.9.3 |
Phpgroupware | Phpgroupware | 0.9.12 | 0.9.12 |
Phpgroupware | Phpgroupware | 0.9.16.001 | 0.9.16.001 |
Phpgroupware | Phpgroupware | 0.9.6 | 0.9.6 |
Phpgroupware | Phpgroupware | 0.9.4 | 0.9.4 |
Phpgroupware | Phpgroupware | 0.9.16.000 | 0.9.16.000 |
Phpgroupware | Phpgroupware | 0.9.5 | 0.9.5 |
Phpgroupware | Phpgroupware | 0.9.10 | 0.9.10 |
Phpgroupware | Phpgroupware | 0.9.8 | 0.9.8 |
Phpgroupware | Phpgroupware | 0.9.9_pl1 | 0.9.9_pl1 |
Phpgroupware | Phpgroupware | 0.9.14.007 | 0.9.14.007 |