Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
collabtive vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3247
Cross-site scripting (XSS) vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project (addpro) action to admin.php.
O-dyn Collabtive 1.2
1 EDB exploit
NA
CVE-2010-5284
Multiple cross-site scripting (XSS) vulnerabilities in Collabtive 0.6.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) User parameter in the edit user profile feature to manageuser.php, (2) y parameter in a newcal action to manageajax.php, and the...
O-dyn Collabtive 0.6.5
1 EDB exploit
NA
CVE-2010-5285
Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote malicious users to hijack the authentication of administrators for requests that add administrative users via the edituser action.
O-dyn Collabtive 0.6.5
1 EDB exploit
NA
CVE-2014-3246
SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php.
O-dyn Collabtive 1.2
1 EDB exploit
9.8
CVSSv3
CVE-2013-5027
Collabtive 1.0 has incorrect access control
O-dyn Collabtive 1.0
8.8
CVSSv3
CVE-2015-0258
Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive prior to 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.
O-dyn Collabtive
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2