Search for packages
| purl | pkg:composer/egroupware/egroupware@9.1.0 |
| Tags | Ghost |
| Next non-vulnerable version | 23.1.20260113 |
| Latest non-vulnerable version | 26.0.20260113 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-fn24-qm2c-eqef
Aliases: CVE-2010-3313 GHSA-5gx6-f2qq-475f |
EGroupware Code Injection vulnerability `phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php` in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) aspell_path or (2) spellchecker_lang parameters. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-04T14:31:47.351057+00:00 | GHSA Importer | Affected by | VCID-fn24-qm2c-eqef | https://github.com/advisories/GHSA-5gx6-f2qq-475f | 38.1.0 |
| 2026-04-03T21:26:02.962606+00:00 | GitLab Importer | Affected by | VCID-fn24-qm2c-eqef | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/egroupware/egroupware/CVE-2010-3313.yml | 38.1.0 |