Vulnerabilities (CVE)

Filtered by vendor Php-collab Subscribe
Filtered by product Php-collab
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4305 1 Php-collab 1 Php-collab 2024-11-21 9.0 HIGH N/A
Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI.
CVE-2008-4303 1 Php-collab 1 Php-collab 2024-11-21 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors.