Lucene search
+L

215 matches found

CNNVD
CNNVD
added 2024/10/22 12:0 a.m.5 views

Collabtive 跨站脚本漏洞

Collabtive is a web-based project management system. The system includes features such as project management, document management and time tracking. A security vulnerability exists in Collabtive version 3.1, which stems from the presence of a cross-site scripting XSS vulnerability that can be...

5.4CVSS5.8AI score0.00339EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/22 12:0 a.m.14 views

CVE-2024-48706

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the title parameter with action=add or action=editform within the a managemessage.php file and b managetask.php file respectively...

6.4AI score0.00339EPSS
Exploits1References1
CVE
CVE
added 2024/10/22 12:0 a.m.52 views

CVE-2024-48708

CVE-2024-48708 affects Collabtive 3.1 with a Cross-Site Scripting (XSS) vulnerability that can be triggered via the name parameter in two pages: tasklist.php (action=add/edit) and admin.php (action=adduser/edituser). The connected Nessus/Red Hat/Ubuntu/etc. entries confirm the same description an...

5.4CVSS6AI score0.00339EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.6 views

Collabtive 跨站脚本漏洞

Collabtive is a web-based project management system. The system includes features such as project management, document management and time tracking. A security vulnerability exists in Collabtive version 3.1, which originates from a cross-site scripting attack via the name parameter when...

4.8CVSS6.2AI score0.00338EPSS
Exploits1References2
CVE
CVE
added 2024/10/22 12:0 a.m.53 views

CVE-2024-48707

CVE-2024-48707 affects Collabtive 3.1. The vulnerability is an XSS in the web UI triggered by the name parameter in two endpoints: (a) managemilestone.php when action=add or action=edit, and (b) admin.php when action=addpro. The underlying cause is unsanitized/unvalidated input in these parameter...

5.4CVSS6.2AI score0.00339EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/22 12:0 a.m.12 views

CVE-2024-46240

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file...

6.3AI score0.00338EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/10/22 12:0 a.m.5 views

Collabtive 跨站脚本漏洞

Collabtive is a web-based project management system. The system includes features such as project management, document management and time tracking. A security vulnerability exists in Collabtive version 3.1, which stems from the presence of a cross-site scripting XSS vulnerability that can be...

5.4CVSS5.8AI score0.00339EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/22 12:0 a.m.21 views

CVE-2024-48706

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the title parameter with action=add or action=editform within the a managemessage.php file and b managetask.php file respectively...

0.00339EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/22 12:0 a.m.31 views

CVE-2024-48708

Collabtive 3.1 is vulnerable to Cross-Site Scripting XSS via the name parameter in a file tasklist.php under action = add/edit and in b file admin.php under action = adduser/edituser...

0.00339EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/22 12:0 a.m.20 views

CVE-2024-48707

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under a action=add or action=edit within managemilestone.php file and b action=addpro within admin.php file...

0.00339EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/22 12:0 a.m.36 views

CVE-2024-46240

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file...

0.00338EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/22 12:0 a.m.12 views

CVE-2024-48708

Collabtive 3.1 is vulnerable to Cross-Site Scripting XSS via the name parameter in a file tasklist.php under action = add/edit and in b file admin.php under action = adduser/edituser...

6.1AI score0.00339EPSS
Exploits1References1
CVE
CVE
added 2024/10/22 12:0 a.m.63 views

CVE-2024-48706

Collabtive 3.1 is vulnerable to cross-site scripting (XSS) via the title parameter when using action=add (managemessage.php) or action=editform (managetask.php). Root cause is unsanitized input in the title field. Affected: Collabtive 3.1. Exploitation details are not provided beyond the affected...

5.4CVSS6.2AI score0.00339EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/22 12:0 a.m.10 views

PT-2024-33186 · Unknown · Collabtive

Name of the Vulnerable Software and Affected Versions: Collabtive version 3.1 Description: The issue is related to Cross-site scripting XSS via the title parameter with action=add or action=editform within the managemessage.php file and managetask.php file respectively. This allows for potential...

5.4CVSS6.4AI score0.00339EPSS
Exploits1References8
CVE
CVE
added 2024/10/22 12:0 a.m.53 views

CVE-2024-46240

CVE-2024-46240 affects Collabtive 3.1. The vulnerability is a Cross-site Scripting (XSS) flaw in admin.php, exploitable via the name parameter under action=system and the company/contact parameters under action=addcust. Root cause: XSS in these input points. The connected sources confirm Collabti...

4.8CVSS6.2AI score0.00338EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/22 12:0 a.m.18 views

CVE-2024-48707

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under a action=add or action=edit within managemilestone.php file and b action=addpro within admin.php file...

6.3AI score0.00339EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/10/22 12:0 a.m.6 views

PT-2024-33187 · Unknown · Collabtive

Name of the Vulnerable Software and Affected Versions: Collabtive version 3.1 Description: The issue concerns Cross-site scripting XSS via the name parameter. This occurs under specific conditions: a when action equals add or action equals edit within the managemilestone.php file, and b when acti...

5.4CVSS6.2AI score0.00339EPSS
Exploits1References8
OSV
OSV
added 2021/01/29 6:15 a.m.4 views

CVE-2021-3298

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter...

5.4CVSS6.1AI score0.02144EPSS
Exploits2References2
NVD
NVD
added 2021/01/29 6:15 a.m.14 views

CVE-2021-3298

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter...

5.4CVSS5.2AI score0.02144EPSS
Exploits2References2
Prion
Prion
added 2021/01/29 6:15 a.m.15 views

Cross site scripting

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter...

3.5CVSS5.1AI score0.02144EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder