CVE-2010-3313

EXPLOITED

EGroupware <1.6.003-9.2.20100309 - Command Injection

Title source: llm

Exploitation Summary

CVE-2010-3313 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Nahuel Grisolia.

AI-analyzed exploit summary The document describes a remote command execution (RCE) vulnerability in EGroupware due to insufficient input sanitization in the `aspell_path` parameter of `spellchecker.php`. It also includes a reflected XSS vulnerability in the `lang` parameter of `login.php`.

Description

phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) aspell_path or (2) spellchecker_lang parameters.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Nahuel Grisolia · textwebappsphp

https://www.exploit-db.com/exploits/11777

View Code ZIP pw:eip

The document describes a remote command execution (RCE) vulnerability in EGroupware due to insufficient input sanitization in the `aspell_path` parameter of `spellchecker.php`. It also includes a reflected XSS vulnerability in the `lang` parameter of `login.php`.

Classification

Writeup 100%

Attack Type

Rce | Xss

Complexity

Trivial

Reliability

Reliable

Target: EGroupware 1.4.001+.002, 1.6.001+.002, Premium Line 9.1, 9.2

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/11777/

Patch, Vendor Advisory x_refsource_confirm

http://www.egroupware.org/news?item=93

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2010/dsa-2013

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2010/09/21/7

Scores

EPSS 0.0230

EPSS Percentile 85.2%

Details

VulnCheck KEV 2020-12-14

CWE

CWE-94

Status published

Products (9)

egroupware/egroupware 1.4.001

egroupware/egroupware 1.4.001\+.002

egroupware/egroupware 1.4.002

egroupware/egroupware 1.6.001

egroupware/egroupware 1.6.001\+.002

egroupware/egroupware 1.6.002

egroupware/egroupware 9.1

egroupware/egroupware 9.2

egroupware/egroupware 0 - 1.6.003Packagist

Published Sep 22, 2010

Tracked Since Feb 18, 2026