Skip to main content

Collapsing Archives

2 CVEs product

Monthly

CVE-2026-32365 HIGH This Week

Blind SQL injection in Collapsing Archives versions up to 3.0.7 allows authenticated attackers to execute arbitrary SQL queries through improper input sanitization. An attacker with user-level access can exploit this vulnerability to extract sensitive data from the database, though the impact is partially mitigated by the requirement for prior authentication. No patch is currently available for this vulnerability.

SQLi Collapsing Archives
NVD VulDB
CVSS 3.1
8.5
EPSS
0.0%
CVE-2024-43934 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robert Felty Collapsing Archives allows Stored XSS.0.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Collapsing Archives
NVD
CVSS 3.1
5.4
EPSS
0.2%
EPSS 0% CVSS 8.5
HIGH This Week

Blind SQL injection in Collapsing Archives versions up to 3.0.7 allows authenticated attackers to execute arbitrary SQL queries through improper input sanitization. An attacker with user-level access can exploit this vulnerability to extract sensitive data from the database, though the impact is partially mitigated by the requirement for prior authentication. No patch is currently available for this vulnerability.

SQLi Collapsing Archives
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robert Felty Collapsing Archives allows Stored XSS.0.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Collapsing Archives
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy