Collabtive Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2010-4269 - Vulnerability Database

Collabtive

Collabtive Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2010-4269

High

Reference: CVE-2010-4269

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-4269

Title: Collabtive Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability

Overview:

SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstartUSERTOID cookie in a pull action.