Search | Research | Contact Us Tuesday October 10, 2021
Languages
Most Viewed Items
  1 PHPXMLRPC Library Remote Code Execution
  2 XOOPS 2.0.11 && Earlier Multiple Vulnerabilities
  3 Multiple Invision Power Board Vulnerabilities
  4 Mambo Multiple Vulnerabilities
  5 eBay And Amazon Still Vulnerable
  6 PEAR XML_RPC Library Remote Code Execution
  7 When Small Mistakes Can Cause Big Problems
  8 Woltlab Burning Board SQL Injection Vulnerability
  9 WordPress 1.5.1.2 And Earlier Multiple Vulnerabilities
10 MySQL Eventum Multiple Vulnerabilities
Need Secure Code?
Quick Search
You can use the form below to search our site. Just enter the keywords to search.
Home Services Archives Research Downloads Contact
Multiple eGroupware Vulnerabilities
April 20, 2022
Vendor : eGroupware
URL : http://www.egroupware.org/
Version : Versions Prior To 1.0.0.007
Risk : Multiple Vulnerabilities


Description:
eGroupware is a very popular open source web based collaboration software that can be used within an intranet, or externally via the internet to build a community and/or help coordinate large projects. eGroupware also comes pre packaged in some linux distributions. GulfTech Security Research has found a few high risk SQL Injection vulnerabilities as well as Cross Site Scripting vulnerabilities. A new version of eGroupware is now available and all eGroupware users should upgrade immediately. Not only does the new eGroupware release address these security issues, but it also includes a number of important bugfixes!


Cross Site Scripting:
Cross site scripting exists in eGroupware. This vulnerability exists due to user supplied input not being checked properly. Below are examples that can be used for reference.

http://egroupware/index.php?menuaction=addressbook.uiaddressbook.edit&ab;_id=11[XSS]
http://egroupware/index.php?menuaction=manual.uimanual.view&page;=ManualAddressbook[XSS]
http://egroupware/index.php?menuaction=forum.uiforum.post&type;=new[XSS]
http://egroupware/wiki/index.php?page=RecentChanges[XSS]
http://egroupware/wiki/index.php?action=history&page;=WikkiTikkiTavi⟨=en[XSS]
http://egroupware/index.php?menuaction=wiki.uiwiki.edit&page;=setup[XSS]
http://egroupware/sitemgr/sitemgr-site/?category_id=4[XSS]

This vulnerability could be used to steal cookie based authentication credentials within the scope of the current domain, or render hostile code in a victim's browser.


SQL Injection:
There are a number of SQL Injection vulnerabilities in eGroupware. These issues can be used by an attacker to retrieve sensitive information from the underlying database and aid in further attacks. Examples below

http://egroupware/tts/index.php?filter=u99[SQL]
http://egroupware/tts/index.php?filter=c99[SQL]
http://egroupware/index.php?menuaction=preferences.uicategories.index&cats;_app=foobar[SQL]

We will not be releasing any exploited code as requested by the developers but these issues are not hard to exploit and all users should upgrade immediately.


Solution:
eGroupware 1.0.0.007 has been released to address these issues, and users can finfd the updated packages at the following location.

http://www.egroupware.org/

Special thanks to Mr Ralf Becker and the rest of the eGroupware team for addressing these issues fairly quickly despite the recent constitution and admin elections etc.


Credits:
James Bercegay of the GulfTech Security Research Team