VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 27, 2006· Updated Apr 16, 2026

CVE-2006-3237

CVE-2006-3237

Description

Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.

Affected products

15
  • Senokian Solutions/Enterprise Groupware Systems15 versions
    cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc2:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc2:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc3:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc4:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc5:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.01:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:*:*:*:*:*:*:*:*range: <=1.2.4
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc1:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2.3:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.