Lucene search
K

215 matches found

Packet Storm
Packet Storm
added 2015/09/28 12:0 a.m.26 views

Collabtive 2.0 Shell Upload

Vulnerability title: Arbitrary File Upload In Collabtive CVE: CVE-2015-0258 Vendor: Collabtive Product: Collabtive Affected version: 2.0 Fixed version: 2.1 Reported by: Arturo Rodriguez Details: It was discovered that authenticated users were able to upload files with extensions: php3, php4, php5...

5.7CVSS0.03781EPSS
Exploits3
Packet Storm
Packet Storm
added 2015/02/27 12:0 a.m.25 views

Collabtive 2.0 Cross Site Scripting

Affected software: collabtive Type of vulnerability: stored xss URL: http://www.collabtive.o-dyn.de/ Discovered by: Provensec Website: http://www.provensec.com Description: collabtive stored xss version:2.0 Proof of concept goto Collabtive add new project with xss payload and save it javascript...

Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/17 12:0 a.m.9 views

COLLABTIVE Cloud Service Detection

Binary data 8439.prm...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Collabtive 0.65 - Multiple Vulnerabilities

No description provided by source. ANATOLIA SECURITY ADVISORY ------------------------------------ ADVISORY INFO + Title: Collabtive Multiple Vulnerabilities + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt + Advisory ID: 2010-003 + Version: 0.65 + Date: 12/10/2010 + Impact...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

Collabtive 1.2 - SQL Injection

No description provided by source. Vulnerability title: SQL Injection / SQL Error message in Collabtive application CVE-2014-3246 CVE: CVE-2014-3246 cordinated with Vendor: Collabtive Product: Collabtive Open Source Project Management Software Affected version: 1.12 Fixed version: 2.0 Reported by...

6.5CVSS0.3AI score0.01333EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Collabtive SQL Injection Vulnerability

No description provided by source. ANATOLIA SECURITY ADVISORY --------------------------- ADVISORY INFO + Title: Collabtive SQL Injection Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-004.txt + Advisory ID: 2010-004 + Version: 0.65 + Date: 12/10/2010 + Impact:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

Collabtive 0.6.3 - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Collabtive 1.1 (managetimetracker.php, id param) - SQL Injection

No description provided by source. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ || || || Advisory : Collabtive Sql Injection || || Affected Version : 1.1 || || Vendor : http://collabtive.o-dyn.de/index.php || || Risk : Medium || || CVE-ID : 2013-6872 || || Tested on Platform...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Collabtive 1.0 (manageuser.php, task param) - SQL Injection Vulnerability

No description provided by source. Exploit Title: Collabtive 1.0 SQLi Date: 06/17/2013 Exploit Author: drone @dronesec More information: http://forelsec.blogspot.com/2013/06/collabtive-10-sqli.html Vendor homepage: http://collabtive.o-dyn.de/ Software link:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Collabtive 1.2 - Stored XSS

No description provided by source. Vulnerability title: Stored XSS vulnerability in Collabtive application CVE-2014-3247 CVE: CVE-2014-3247coordinated with cve assigning team and vendor Vendor: Collabtive Product: Collabtive Open Source Project Management Software Affected version: 1.12 Fixed...

4.3CVSS6.5AI score0.01736EPSS
Exploits5
seebug.org
seebug.org
added 2014/05/21 12:0 a.m.11 views

Collabtive 1.2 /class.project.php 跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2014/05/15 2:55 p.m.17 views

CVE-2014-3247

Cross-site scripting XSS vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project addpro action to admin.php...

4.3CVSS5.2AI score0.01736EPSS
Exploits5References2
Prion
Prion
added 2014/05/15 2:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project addpro action to admin.php...

4.3CVSS5.7AI score0.01736EPSS
Exploits5References2Affected Software1
UbuntuCve
UbuntuCve
added 2014/05/15 2:55 p.m.26 views

CVE-2014-3247

Cross-site scripting XSS vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project addpro action to admin.php...

4.3CVSS6AI score0.01736EPSS
Exploits5References2
Cvelist
Cvelist
added 2014/05/15 2:0 p.m.25 views

CVE-2014-3247

Cross-site scripting XSS vulnerability in Collabtive 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the desc parameter in an Add project addpro action to admin.php...

5.2AI score0.01736EPSS
Exploits5References2
CVE
CVE
added 2014/05/15 2:0 p.m.61 views

CVE-2014-3247

Collabtive 1.2 contains a Stored XSS in the Add Project (admin.php?action=addpro) path. The desc parameter value is copied into the HTML document as plain text between tags, allowing arbitrary JavaScript execution. Affected product/version: Collabtive 1.12; fixed in version 2.0. Impact: authentic...

4.3CVSS5.3AI score0.01736EPSS
Exploits5References2Affected Software1
NVD
NVD
added 2014/05/13 2:55 p.m.23 views

CVE-2014-3246

SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileviewlist action to manageajax.php...

6.5CVSS7.7AI score0.01333EPSS
Exploits6References2
UbuntuCve
UbuntuCve
added 2014/05/13 2:55 p.m.21 views

CVE-2014-3246

SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileviewlist action to manageajax.php...

6.5CVSS6.2AI score0.01333EPSS
Exploits6References3
Prion
Prion
added 2014/05/13 2:55 p.m.14 views

Sql injection

SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileviewlist action to manageajax.php...

6.5CVSS8.4AI score0.01333EPSS
Exploits6References2Affected Software1
CVE
CVE
added 2014/05/13 2:0 p.m.58 views

CVE-2014-3246

CVE-2014-3246 affects Collabtive (1.2/1.12). A SQL injection exists in the folder parameter of the fileview_list action in manageajax.php, exploitable by authenticated users. Several connected sources document the vulnerability, including exploit notes showing the folder parameter can be manipula...

6.5CVSS8AI score0.01333EPSS
Exploits6References2Affected Software1
Rows per page
Query Builder