Published: 12/08/2009 Updated: 11/10/2018

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

VMScore: 655

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to (1) the showproject action in managefile.php or (2) the Messages feature.

Vulnerable Product	Search on Vulmon	Subscribe to Product
collabtive collabtive 0.4.8

Collabtive 048 Multiple Vulnerabilities Name Multiple Vulnerabilities in Collabtive Systems Affected Collabtive 048 and possibly earlier versions Severity High Impact (CVSSv2) High 8/10, vector: (AV:N/AC:L/Au:S/C:P/I:C/A:P) Vendor collabtiveo-dynde/ Advisory wwwushit/team/ush ...

CWE-20 http://www.securityfocus.com/bid/32229 https://exchange.xforce.ibmcloud.com/vulnerabilities/46498 https://www.exploit-db.com/exploits/7076 http://www.securityfocus.com/archive/1/498186/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/7076/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-6948

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect