Description
SQL injection vulnerability in managetimetracker.php in Collabtive before 1.2 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a projectpdf action.
Remediation
References
Related Vulnerabilities
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)
WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Cross-Site Request Forgery (3.4.31)
WordPress Plugin XforWooCommerce Security Bypass (1.6.4)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Cross-Site Request Forgery (1.1.90)
Liferay Portal Improper Authentication Vulnerability (CVE-2021-29047)