CVE-2013-6872

SQL injection vulnerability in managetimetracker.php in Collabtive before 1.2 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a projectpdf action.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:o-dyn:collabtive:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.6:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.1:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:*:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:1.0:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4.7:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4.6:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.3.6:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.2:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.7:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4.9.1:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.3.5:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4.9:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.2.5:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4.5:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.4.8:*:*:*:*:*:*:*
cpe:2.3:a:o-dyn:collabtive:0.3:*:*:*:*:*:*:*

Information

Published : 2014-01-21 07:17

Updated : 2015-07-28 07:49


NVD link : CVE-2013-6872

Mitre link : CVE-2013-6872


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

o-dyn

  • collabtive