Lucene search
K

215 matches found

nvd
nvd
added 2009/08/12 10:30 a.m.11 views

CVE-2008-6947

Collabtive 0.4.8 allows remote attackers to bypass authentication and create new users, including administrators, via unspecified vectors associated with the added mode in a users action to admin.php...

7.5CVSS6.9AI score0.07871EPSS
Exploits0References4
prion
prion
added 2009/08/12 10:30 a.m.17 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Collabtive 0.4.8 allow remote attackers to hijack the authentication of administrators for requests that 1 submit or edit a new project, or 2 upload files to a project, or 3 attach files to messages via unknown vectors. NOTE: these issue...

6.8CVSS7.9AI score0.0179EPSS
Exploits0References2Affected Software1
prion
prion
added 2009/08/12 10:30 a.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via the project Name, which is not properly handled when the administrator performs an editform action, related to admin.php...

4.3CVSS6.1AI score0.03435EPSS
Exploits0References4Affected Software1
cve
cve
added 2009/08/12 10:0 a.m.44 views

CVE-2008-6947

CVE-2008-6947 affects Collabtive 0.4.8. The vulnerability allows remote attackers to bypass authentication and create new users (including administrators) through an unspecified vector related to the added mode in a users action to admin.php. The connected sources (NVD, CVE listings, and related ...

7.5CVSS7.1AI score0.07871EPSS
Exploits0References4Affected Software1
cve
cve
added 2009/08/12 10:0 a.m.45 views

CVE-2008-6949

CVE-2008-6949 affects Collabtive 0.4.8 with multiple CSRF vulnerabilities that let an attacker hijack administrator authentication to perform actions such as submitting or editing a project, uploading files to a project, or attaching files to messages. The issues may be leveraged with other vulne...

6.8CVSS7.4AI score0.0179EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2009/08/12 10:0 a.m.24 views

CVE-2008-6948

Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to 1 the showproject acti...

7.3AI score0.07874EPSS
Exploits0References4
cvelist
cvelist
added 2009/08/12 10:0 a.m.25 views

CVE-2008-6949

Multiple cross-site request forgery CSRF vulnerabilities in Collabtive 0.4.8 allow remote attackers to hijack the authentication of administrators for requests that 1 submit or edit a new project, or 2 upload files to a project, or 3 attach files to messages via unknown vectors. NOTE: these issue...

7.3AI score0.0179EPSS
Exploits0References2
cve
cve
added 2009/08/12 10:0 a.m.42 views

CVE-2008-6946

CVE-2008-6946 describes a cross-site scripting (XSS) vulnerability in Collabtive 0.4.8. The issue affects manageproject.php where the project name is not properly sanitized during an admin editform action, enabling user-assisted remote attackers to inject arbitrary web script or HTML. The core de...

4.3CVSS5.8AI score0.03435EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2009/08/12 10:0 a.m.17 views

CVE-2008-6947

Collabtive 0.4.8 allows remote attackers to bypass authentication and create new users, including administrators, via unspecified vectors associated with the added mode in a users action to admin.php...

6.9AI score0.07871EPSS
Exploits0References4
cve
cve
added 2009/08/12 10:0 a.m.40 views

CVE-2008-6948

The CVE-2008-6948 entry describes an Unrestricted file upload vulnerability in Collabtive 0.4.8. A remote authenticated user can upload a file with an executable extension and a text/plain MIME type, then access it via a direct request to the file in the files/ directory to execute arbitrary code...

6.5CVSS7.6AI score0.07874EPSS
Exploits0References4Affected Software1
seebug
seebug
added 2008/11/11 12:0 a.m.22 views

Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities

No description provided by source. Collabtive 0.4.8 Multiple Vulnerabilities Name Multiple Vulnerabilities in Collabtive Systems Affected Collabtive 0.4.8 and possibly earlier versions Severity High Impact CVSSv2 High 8/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://collabtive.o-dyn.de/...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/11/10 12:0 a.m.46 views

Collabtive 0.4.8 Multiple Vulnerabilities

Collabtive 0.4.8 Multiple Vulnerabilities Name Multiple Vulnerabilities in Collabtive Systems Affected Collabtive 0.4.8 and possibly earlier versions Severity High Impact CVSSv2 High 8/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://collabtive.o-dyn.de/ Advisory...

6.5AI score
Exploits0
zdt
zdt
added 2008/11/10 12:0 a.m.24 views

Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== Collabtive 0.4.8 XSS/Auth Bypass/Upload Multiple Vulnerabilities ================================================================== Collabtive 0.4.8 Multiple Vulnerabilitie...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/11/10 12:0 a.m.15 views

Collabtive 0.4.8 - Cross-Site Scripting Authentication Bypass Arbitrary File Upload

Collabtive 0.4.8 - Cross-Site Scripting Authentication Bypass Arbitrary File Upload Collabtive 0.4.8 Multiple Vulnerabilities Name Multiple Vulnerabilities in Collabtive Systems Affected Collabtive 0.4.8 and possibly earlier versions Severity High Impact CVSSv2 High 8/10, vector:...

0.5AI score
Exploits0
exploitdb
exploitdb
added 2008/11/10 12:0 a.m.43 views

Collabtive 0.4.8 - Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload

Collabtive 0.4.8 Multiple Vulnerabilities Name Multiple Vulnerabilities in Collabtive Systems Affected Collabtive 0.4.8 and possibly earlier versions Severity High Impact CVSSv2 High 8/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://collabtive.o-dyn.de/ Advisory...

7.4AI score
Exploits0
Rows per page
Query Builder