| Max CVSS | 10.0 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1495 | 7.5 |
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option
|
11-10-2017 - 01:30 | 30-03-2006 - 00:06 | |
| CVE-2008-4303 | 6.8 |
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors.
|
08-08-2017 - 01:32 | 23-12-2008 - 18:30 | |
| CVE-2008-4304 | 10.0 |
general/login.php in phpCollab 2.5 rc3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified input related to the SSL_CLIENT_CERT environment variable. NOTE: in some environments, SSL_CLIENT_CERT al
|
08-08-2017 - 01:32 | 23-12-2008 - 18:30 | |
| CVE-2008-4305 | 9.0 |
Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI.
|
08-08-2017 - 01:32 | 23-12-2008 - 18:30 |