Description

SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action.

Remediation

References

CVE-2010-4269

Related Vulnerabilities

WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Multiple Vulnerabilities (3.63)

WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.22)

Moodle Other Vulnerability (CVE-2006-4939)

Python Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3177)

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29009)

Severity

High

Classification

CVE-2010-4269 CWE-138

Tags

Missing Update Known Vulnerabilities