Lucene search
HistoryMay 13, 2014 - 2:55 p.m.
CVE-2014-3246
sql injection
collabtive 1.2
remote authenticated users
arbitrary sql commands
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
34.5%
SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php.
Affected configurations
Node
o-dyncollabtiveMatch1.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| o-dyn:collabtive | o-dyn collabtive | eq | 1.2 |
Related
zdt
zdt
Collabtive 1.12 SQL Injection Vulnerability
2014-05-08 00:00:00
seebug
seebug
Collabtive 1.2 - SQL Injection
2014-07-01 00:00:00
ubuntucve
ubuntucve
CVE-2014-3246
2014-05-13 00:00:00
nvd
nvd
CVE-2014-3246
2014-05-13 14:55:09
prion
prion
Sql injection
2014-05-13 14:55:00
cvelist
cvelist
CVE-2014-3246
2014-05-13 14:00:00
packetstorm
packetstorm
Collabtive 1.12 SQL Injection
2014-05-08 00:00:00
exploitpack
exploitpack
Collabtive 1.2 - SQL Injection
2014-05-08 00:00:00
exploitdb
exploitdb
Collabtive 1.2 - SQL Injection
2014-05-08 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
34.5%
Related for CVE-2014-3246