VYPR
Vendor

Fairsketch

Products
2
CVEs
12
Across products
12
Status
Private

Products

2

Recent CVEs

12
  • CVE-2017-11182MedJul 12, 2017
    risk 0.35cvss 5.4epss 0.01

    In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section. All input fields are vulnerable.

  • CVE-2017-11181MedJul 12, 2017
    risk 0.35cvss 5.4epss 0.01

    In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the Messaging section. Subject and Message fields are vulnerable.

  • CVE-2024-8945Sep 17, 2024
    risk 0.03cvss epss 0.15

    A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. This vulnerability affects unknown code of the file /index.php/dashboard/save. The manipulation of the argument id leads to sql injection. The attack can be initiated…

  • CVE-2025-41106Nov 11, 2025
    risk 0.00cvss epss 0.00

    HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.

  • CVE-2025-41105Nov 11, 2025
    risk 0.00cvss epss 0.00

    HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/tickets/save'.

  • CVE-2025-41104Nov 11, 2025
    risk 0.00cvss epss 0.00

    HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'custom_field_1' in '/estimate_requests/save_estimate_request'.

  • CVE-2025-41103Nov 11, 2025
    risk 0.00cvss epss 0.00

    HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'reply_message' in '/messages/reply'.

  • CVE-2025-41102Nov 11, 2025
    risk 0.00cvss epss 0.00

    HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in '/events/save'.

  • CVE-2025-41101Nov 11, 2025
    risk 0.00cvss epss 0.00

    HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'title' in'/projects/save'.

  • CVE-2025-63293Nov 3, 2025
    risk 0.00cvss epss 0.00

    FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachments to tickets for which they lack view or edit authorization, due to missing authorization checks in the…

  • CVE-2025-56807Sep 29, 2025
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in FairSketch RISE Ultimate Project Manager & CRM 3.9.4 allows an administrator to store a JavaScript payload using the file explorer in the admin dashboard when creating new folders.

  • CVE-2025-3855Apr 22, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php/team_members/save_profile_image/ of the component Profile Picture Handler. The manipulation of…