VYPR

Projectmanagement

by Rukovoditel

CVEs (4)

  • CVE-2020-13592HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    An exploitable SQL injection vulnerability exists in "global_lists/choices" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this…

  • CVE-2020-13591HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    An exploitable SQL injection vulnerability exists in the "access_rules/rules_form" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability,…

  • CVE-2020-13587HigApr 9, 2021
    risk 0.57cvss 8.8epss 0.02

    An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability,…

  • CVE-2020-13590HigApr 18, 2022
    risk 0.47cvss 7.2epss 0.01

    Multiple exploitable SQL injection vulnerabilities exist in the 'entities/fields' page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities,…