High severity7.2NVD Advisory· Published Apr 18, 2022· Updated Jun 17, 2026
CVE-2020-13590
CVE-2020-13590
Description
Multiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities, this can be done either with administrator credentials or through cross-site request forgery.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =2.7.2
- Range: 2.7.2
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2020-1199nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.