GCVE - cpe:2.3:a:activecollab:activecollab:2.1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:activecollab:activecollab:2.1.0:*:*:*:*:*:*:*

part: a version: 2.1.0 update: *

Vendor	Activecollab (`db32036a-14ea-5169-8be3-07a35303a669`)
Product	Activecollab (`bf5af01c-6207-5953-a079-e410b16c038d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-1773`	vulnerable	2026-06-03 14:29:37.330781	Details available activeCollab 2.1 Corporate allows remote attackers to obtain sensitive information via an invalid re_route parameter to the login script, which reveals the installation path in an error message. Published: 2009-05-22T18:00:00.000Z Updated: 2024-09-16T19:52:34.395Z Open on db.gcve.eu Reference links http://secunia.com/advisories/35079 http://pridels-team.blogspot.com/2009/05/activecollab-xss-and-full-path.html http://www.securityfocus.com/bid/35022	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-1772`	vulnerable	2026-06-03 14:29:37.330402	Details available Cross-site scripting (XSS) vulnerability in activeCollab 2.1 Corporate allows remote attackers to inject arbitrary web script or HTML via the re_route parameter to the login script. Published: 2009-05-22T18:00:00.000Z Updated: 2024-09-16T18:28:33.271Z Open on db.gcve.eu Reference links http://secunia.com/advisories/35079 http://pridels-team.blogspot.com/2009/05/activecollab-xss-and-full-path.html http://www.securityfocus.com/bid/35022	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.