Approved changes feed: RSS · Atom

cpe:2.3:a:andrew_simpson:webcollab:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAndrew Simpson (3720ba2a-e5f8-5ead-ba22-b2a143accf53)
ProductWebcollab (0afae43d-6c24-5ecc-9231-8c881f254052)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/andrewsimpsonnz/webcollab purl2cpe 2026-06-01 10:16:53.431128
pkg:sourceforge/webcollab purl2cpe 2026-06-01 10:16:53.431132

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2013-2652 vulnerable 2026-06-08 05:04:27.199099 Details available
CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter.
Published: 2013-11-02T18:00:00.000Z
Updated: 2024-08-06T15:44:33.467Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-1454 vulnerable 2026-06-08 04:51:23.090607 Details available
Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action.
Published: 2009-04-28T16:00:00.000Z
Updated: 2024-08-07T05:13:25.661Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.