Description
SQL injection vulnerability in Collabtive 1.2 allows remote authenticated users to execute arbitrary SQL commands via the folder parameter in a fileview_list action to manageajax.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin CYSTEME Finder, the admin files explorer Multiple Vulnerabilities (1.3)
WordPress Plugin HyperComments Arbitrary File Deletion (1.2.2)
WordPress Plugin zeList Directory Cross-Site Scripting (0.5.11.07)
WordPress Plugin Photoracer Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0)