IDCVSSSummaryLast (major) updatePublished
CVE-2008-6946 4.3
Cross-site scripting (XSS) vulnerability in manageproject.php in Collabtive 0.4.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via the project Name, which is not properly handled when the administrator performs an edit
11-10-2018 - 20:57 12-08-2009 - 10:30
CVE-2008-6947 7.5
Collabtive 0.4.8 allows remote attackers to bypass authentication and create new users, including administrators, via unspecified vectors associated with the added mode in a users action to admin.php.
11-10-2018 - 20:57 12-08-2009 - 10:30
CVE-2008-6948 6.5
Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the fi
11-10-2018 - 20:57 12-08-2009 - 10:30
CVE-2008-6949 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in Collabtive 0.4.8 allow remote attackers to hijack the authentication of administrators for requests that (1) submit or edit a new project, or (2) upload files to a project, or (3) attach f
11-10-2018 - 20:57 12-08-2009 - 10:30
Back to Top Mark selected
Back to Top