High severity8.8NVD Advisory· Published Apr 9, 2021· Updated Jun 17, 2026
CVE-2020-13587
CVE-2020-13587
Description
An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 2.7.2
- Range: = 2.7.2
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2020-1198nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.