Critical severity9.8NVD Advisory· Published Oct 26, 2017· Updated Jun 17, 2026
CVE-2017-15907
CVE-2017-15907
Description
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php.
Affected products
2cpe:2.3:a:phpcollab:phpcollab:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpcollab:phpcollab:*:*:*:*:*:*:*:*range: <=2.5.1
- (no CPE)range: <=2.5.1
Patches
Vulnerability mechanics
References
1- www.sstrunk.com/cve/phpCollab_newsdesk.htmlnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.