Vulmon
collabtive vulnerabilities and exploits
6.8
CVSSv2
CVE-2010-5285
Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote malicious users to hijack the authentication of administrators for requests that add administrative users via the edituser action.
O-dyn Collabtive 0.6.5
1 EDB exploit
4.3
CVSSv2
CVE-2014-3247
Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php.
O-dyn Collabtive 1.2
1 EDB exploit
7.5
CVSSv2
CVE-2013-5027
Collabtive 1.0 has incorrect access control.
O-dyn Collabtive 1.0
3.5
CVSSv2
CVE-2019-8935
Collabtive 3.1 allows XSS via the manageuser.php?action=profile id parameter.
O-dyn Collabtive 3.1
3.5
CVSSv2
CVE-2021-3298
Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter.
O-dyn Collabtive 3.1
6.5
CVSSv2
CVE-2015-0258
Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive prior to 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.
O-dyn Collabtive
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04