8 matches found
EUVD-2008-6908
Malware in sbrugna...
CVE-2008-6948
Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to 1 the showproject acti...
Unrestricted file upload
Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to 1 the showproject acti...
CVE-2008-6946
Cross-site scripting XSS vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via the project Name, which is not properly handled when the administrator performs an editform action, related to admin.php...
CVE-2008-6949
Multiple cross-site request forgery CSRF vulnerabilities in Collabtive 0.4.8 allow remote attackers to hijack the authentication of administrators for requests that 1 submit or edit a new project, or 2 upload files to a project, or 3 attach files to messages via unknown vectors. NOTE: these issue...
CVE-2008-6949
CVE-2008-6949 affects Collabtive 0.4.8 with multiple CSRF vulnerabilities that let an attacker hijack administrator authentication to perform actions such as submitting or editing a project, uploading files to a project, or attaching files to messages. The issues may be leveraged with other vulne...
Collabtive 0.4.8 (XSS/Auth Bypass/Upload) Multiple Vulnerabilities
Exploit for unknown platform in category web applications ================================================================== Collabtive 0.4.8 XSS/Auth Bypass/Upload Multiple Vulnerabilities ================================================================== Collabtive 0.4.8 Multiple Vulnerabilitie...
Collabtive 0.4.8 - Cross-Site Scripting / Authentication Bypass / Arbitrary File Upload
Collabtive 0.4.8 Multiple Vulnerabilities Name Multiple Vulnerabilities in Collabtive Systems Affected Collabtive 0.4.8 and possibly earlier versions Severity High Impact CVSSv2 High 8/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://collabtive.o-dyn.de/ Advisory...