PublicDate: 2005-05-02 04:00:00 UTC
Candidate: CVE-2005-0870
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0870
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when
 register_globals is enabled, allow remote attackers to inject arbitrary web
 script or HTML via the (1) sensor_program parameter to index.php, (2)
 text[language], (3) text[template], or (4) hide_picklist parameter to
 system_footer.php.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_phpsysinfo: released (2.3-7)
edgy_phpsysinfo: released (2.3-7)
feisty_phpsysinfo: released (2.3-7)
devel_phpsysinfo: released (2.3-7)
dapper_egroupware: released (1.0.0.009.dfsg-3-4)
edgy_egroupware: released (1.0.0.009.dfsg-3-4)
feisty_egroupware: released (1.0.0.009.dfsg-3-4)
devel_egroupware: released (1.0.0.009.dfsg-3-4)
dapper_phpgroupware: released (0.9.16.010-1)
edgy_phpgroupware: released (0.9.16.010-1)
feisty_phpgroupware: released (0.9.16.010-1)
devel_phpgroupware: released (0.9.16.010-1)
upstream_egroupware: needs-triage
upstream_phpgroupware: needs-triage
upstream_phpsysinfo: needs-triage