Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for webcollab by andrew_simpson

    CVE-2013-2652 (GCVE-0-2013-2652)

    Vulnerability from nvd – Published: 2013-11-02 18:00 – Updated: 2024-08-06 15:44
    VLAI
    Summary
    CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/55295 third-party-advisoryx_refsource_SECUNIA
    http://packetstormsecurity.com/files/123771/WebCo… x_refsource_MISC
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/98768 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/63247 vdb-entryx_refsource_BID
    http://secunia.com/advisories/55235 third-party-advisoryx_refsource_SECUNIA
    http://sourceforge.net/p/webcollab/mailman/messag… mailing-listx_refsource_MLIST
    Date Public
    2013-10-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.467Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55295",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55295"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html"
              },
              {
                "name": "20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab \u003c= v3.30",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html"
              },
              {
                "name": "98768",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/98768"
              },
              {
                "name": "webcollab-cve20132652-response-splitting(88177)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88177"
              },
              {
                "name": "63247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/63247"
              },
              {
                "name": "55235",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55235"
              },
              {
                "name": "[Webcollab-announce] 20131018 Webcollab 3.31 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/p/webcollab/mailman/message/31536457/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "55295",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55295"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html"
            },
            {
              "name": "20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab \u003c= v3.30",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html"
            },
            {
              "name": "98768",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/98768"
            },
            {
              "name": "webcollab-cve20132652-response-splitting(88177)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88177"
            },
            {
              "name": "63247",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/63247"
            },
            {
              "name": "55235",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55235"
            },
            {
              "name": "[Webcollab-announce] 20131018 Webcollab 3.31 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/p/webcollab/mailman/message/31536457/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-2652",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "55295",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/55295"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html"
                },
                {
                  "name": "20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab \u003c= v3.30",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html"
                },
                {
                  "name": "98768",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/98768"
                },
                {
                  "name": "webcollab-cve20132652-response-splitting(88177)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88177"
                },
                {
                  "name": "63247",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/63247"
                },
                {
                  "name": "55235",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/55235"
                },
                {
                  "name": "[Webcollab-announce] 20131018 Webcollab 3.31 Released",
                  "refsource": "MLIST",
                  "url": "http://sourceforge.net/p/webcollab/mailman/message/31536457/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-2652",
        "datePublished": "2013-11-02T18:00:00.000Z",
        "dateReserved": "2013-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:44:33.467Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1455 (GCVE-0-2009-1455)

    Vulnerability from nvd – Published: 2009-04-28 16:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/34568 third-party-advisoryx_refsource_SECUNIA
    http://holisticinfosec.org/content/view/108/45/ x_refsource_MISC
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://www.osvdb.org/53781 vdb-entryx_refsource_OSVDB
    Date Public
    2009-04-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.552Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "webcollab-unspecifed-csrf(49940)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49940"
              },
              {
                "name": "34568",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34568"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://holisticinfosec.org/content/view/108/45/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
              },
              {
                "name": "53781",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/53781"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "webcollab-unspecifed-csrf(49940)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49940"
            },
            {
              "name": "34568",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34568"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://holisticinfosec.org/content/view/108/45/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
            },
            {
              "name": "53781",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/53781"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1455",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "webcollab-unspecifed-csrf(49940)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49940"
                },
                {
                  "name": "34568",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34568"
                },
                {
                  "name": "http://holisticinfosec.org/content/view/108/45/",
                  "refsource": "MISC",
                  "url": "http://holisticinfosec.org/content/view/108/45/"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
                },
                {
                  "name": "53781",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/53781"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1455",
        "datePublished": "2009-04-28T16:00:00.000Z",
        "dateReserved": "2009-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1454 (GCVE-0-2009-1454)

    Vulnerability from nvd – Published: 2009-04-28 16:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/34568 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/53780 vdb-entryx_refsource_OSVDB
    http://holisticinfosec.org/content/view/108/45/ x_refsource_MISC
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/34576 vdb-entryx_refsource_BID
    Date Public
    2009-04-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "webcollab-tasks-xss(49939)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49939"
              },
              {
                "name": "34568",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34568"
              },
              {
                "name": "53780",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/53780"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://holisticinfosec.org/content/view/108/45/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
              },
              {
                "name": "34576",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34576"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "webcollab-tasks-xss(49939)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49939"
            },
            {
              "name": "34568",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34568"
            },
            {
              "name": "53780",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/53780"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://holisticinfosec.org/content/view/108/45/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
            },
            {
              "name": "34576",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34576"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1454",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "webcollab-tasks-xss(49939)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49939"
                },
                {
                  "name": "34568",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34568"
                },
                {
                  "name": "53780",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/53780"
                },
                {
                  "name": "http://holisticinfosec.org/content/view/108/45/",
                  "refsource": "MISC",
                  "url": "http://holisticinfosec.org/content/view/108/45/"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
                },
                {
                  "name": "34576",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34576"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1454",
        "datePublished": "2009-04-28T16:00:00.000Z",
        "dateReserved": "2009-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-2652 (GCVE-0-2013-2652)

    Vulnerability from cvelistv5 – Published: 2013-11-02 18:00 – Updated: 2024-08-06 15:44
    VLAI
    Summary
    CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/55295 third-party-advisoryx_refsource_SECUNIA
    http://packetstormsecurity.com/files/123771/WebCo… x_refsource_MISC
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/98768 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/63247 vdb-entryx_refsource_BID
    http://secunia.com/advisories/55235 third-party-advisoryx_refsource_SECUNIA
    http://sourceforge.net/p/webcollab/mailman/messag… mailing-listx_refsource_MLIST
    Date Public
    2013-10-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T15:44:33.467Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55295",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55295"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html"
              },
              {
                "name": "20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab \u003c= v3.30",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html"
              },
              {
                "name": "98768",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/98768"
              },
              {
                "name": "webcollab-cve20132652-response-splitting(88177)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88177"
              },
              {
                "name": "63247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/63247"
              },
              {
                "name": "55235",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55235"
              },
              {
                "name": "[Webcollab-announce] 20131018 Webcollab 3.31 Released",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/p/webcollab/mailman/message/31536457/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "55295",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55295"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html"
            },
            {
              "name": "20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab \u003c= v3.30",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html"
            },
            {
              "name": "98768",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/98768"
            },
            {
              "name": "webcollab-cve20132652-response-splitting(88177)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88177"
            },
            {
              "name": "63247",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/63247"
            },
            {
              "name": "55235",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55235"
            },
            {
              "name": "[Webcollab-announce] 20131018 Webcollab 3.31 Released",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://sourceforge.net/p/webcollab/mailman/message/31536457/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2013-2652",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "55295",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/55295"
                },
                {
                  "name": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html"
                },
                {
                  "name": "20131024 [ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab \u003c= v3.30",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2013-10/0117.html"
                },
                {
                  "name": "98768",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/98768"
                },
                {
                  "name": "webcollab-cve20132652-response-splitting(88177)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88177"
                },
                {
                  "name": "63247",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/63247"
                },
                {
                  "name": "55235",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/55235"
                },
                {
                  "name": "[Webcollab-announce] 20131018 Webcollab 3.31 Released",
                  "refsource": "MLIST",
                  "url": "http://sourceforge.net/p/webcollab/mailman/message/31536457/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2013-2652",
        "datePublished": "2013-11-02T18:00:00.000Z",
        "dateReserved": "2013-03-22T00:00:00.000Z",
        "dateUpdated": "2024-08-06T15:44:33.467Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1455 (GCVE-0-2009-1455)

    Vulnerability from cvelistv5 – Published: 2009-04-28 16:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/34568 third-party-advisoryx_refsource_SECUNIA
    http://holisticinfosec.org/content/view/108/45/ x_refsource_MISC
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://www.osvdb.org/53781 vdb-entryx_refsource_OSVDB
    Date Public
    2009-04-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.552Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "webcollab-unspecifed-csrf(49940)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49940"
              },
              {
                "name": "34568",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34568"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://holisticinfosec.org/content/view/108/45/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
              },
              {
                "name": "53781",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/53781"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "webcollab-unspecifed-csrf(49940)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49940"
            },
            {
              "name": "34568",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34568"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://holisticinfosec.org/content/view/108/45/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
            },
            {
              "name": "53781",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/53781"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1455",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in WebCollab before 2.50 (aka Billy Goat) allow remote attackers to hijack the authentication of administrators for requests that change an arbitrary password or have other unspecified impact."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "webcollab-unspecifed-csrf(49940)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49940"
                },
                {
                  "name": "34568",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34568"
                },
                {
                  "name": "http://holisticinfosec.org/content/view/108/45/",
                  "refsource": "MISC",
                  "url": "http://holisticinfosec.org/content/view/108/45/"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
                },
                {
                  "name": "53781",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/53781"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1455",
        "datePublished": "2009-04-28T16:00:00.000Z",
        "dateReserved": "2009-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1454 (GCVE-0-2009-1454)

    Vulnerability from cvelistv5 – Published: 2009-04-28 16:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/34568 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/53780 vdb-entryx_refsource_OSVDB
    http://holisticinfosec.org/content/view/108/45/ x_refsource_MISC
    http://sourceforge.net/project/shownotes.php?rele… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/34576 vdb-entryx_refsource_BID
    Date Public
    2009-04-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:25.661Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "webcollab-tasks-xss(49939)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49939"
              },
              {
                "name": "34568",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34568"
              },
              {
                "name": "53780",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/53780"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://holisticinfosec.org/content/view/108/45/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
              },
              {
                "name": "34576",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34576"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "webcollab-tasks-xss(49939)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49939"
            },
            {
              "name": "34568",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34568"
            },
            {
              "name": "53780",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/53780"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://holisticinfosec.org/content/view/108/45/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
            },
            {
              "name": "34576",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34576"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1454",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "webcollab-tasks-xss(49939)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49939"
                },
                {
                  "name": "34568",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34568"
                },
                {
                  "name": "53780",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/53780"
                },
                {
                  "name": "http://holisticinfosec.org/content/view/108/45/",
                  "refsource": "MISC",
                  "url": "http://holisticinfosec.org/content/view/108/45/"
                },
                {
                  "name": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/project/shownotes.php?release_id=676245\u0026group_id=75945"
                },
                {
                  "name": "34576",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34576"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1454",
        "datePublished": "2009-04-28T16:00:00.000Z",
        "dateReserved": "2009-04-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:25.661Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }