High severity8.8NVD Advisory· Published Apr 9, 2021· Updated Jun 17, 2026
CVE-2020-13592
CVE-2020-13592
Description
An exploitable SQL injection vulnerability exists in "global_lists/choices" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= 2.7.2
- Range: =2.7.2
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2020-1201nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.