CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

O-Dyn: >> Collabtive >> 0.7.6 Security Vulnerabilities

CVE-2015-0258

Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a file with a (1) .php3, (2) .php4, (3) .php5, or (4) .phtml extension.

CVSS Score

8.8

EPSS Score

0.135

Published

2020-02-17

CVE-2013-6872

SQL injection vulnerability in managetimetracker.php in Collabtive before 1.2 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a projectpdf action.

CVSS Score

6.5

EPSS Score

0.036

Published

2014-01-21

Page 1

Vulnerabilities

Vulnerable Software

O-Dyn: >> Collabtive >> 0.7.6 Security Vulnerabilities

Products

Pricing

Contact Us