Description

SQL injection vulnerability in managetimetracker.php in Collabtive before 1.2 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a projectpdf action.

Remediation

References

CVE-2013-6872

Related Vulnerabilities

WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.1.6)

Oracle HTTP Server Other Vulnerability (CVE-2020-35164)

MySQL Resource Management Errors Vulnerability (CVE-2010-3679)

MediaWiki Insertion of Sensitive Information into Log File Vulnerability (CVE-2024-40598)

WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Cross-Site Scripting (3.2.2)

Severity

Medium

Classification

CVE-2013-6872 CWE-138

Tags

Missing Update Known Vulnerabilities