CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ProjectPier is a team management system from ProjectPier open source. A security vulnerability exists in ProjectPier 0.8.8 and earlier versions, which stems from tools/uploadfile.php not validating file types or authentication, which could lead to arbitrary file uploads and remote code execution...

9.3CVSS7.8AI score0.01511EPSS

Exploits0References8

RedhatCVE•added 2025/05/22 11:31 a.m.•7 views

CVE-2013-3635

ProjectPier 0.8.8 has stored XSS...

5.4CVSS6.7AI score0.0059EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 5:43 a.m.•5 views

CVE-2013-3637

ProjectPier 0.8.8 does not use the Secure flag for cookies...

5.4CVSS7.2AI score0.0059EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 5:28 a.m.•6 views

CVE-2013-3636

ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag...

5.4CVSS6.8AI score0.01017EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 4:32 a.m.•9 views

CVE-2011-3797

ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files...

5CVSS6.5AI score0.01229EPSS

Exploits0References1

NVD•added 2020/02/07 3:15 p.m.•23 views

CVE-2013-3636

ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag...

5.4CVSS5.4AI score0.01017EPSS

Exploits2References3

NVD•added 2020/02/07 3:15 p.m.•24 views

CVE-2013-3637

ProjectPier 0.8.8 does not use the Secure flag for cookies...

5.4CVSS5.5AI score0.0059EPSS

Exploits2References1

NVD•added 2020/02/07 3:15 p.m.•33 views

CVE-2013-3635

ProjectPier 0.8.8 has stored XSS...

5.4CVSS5.3AI score0.0059EPSS

Exploits2References1

Prion•added 2020/02/07 3:15 p.m.•22 views

Information disclosure

ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag...

3.5CVSS7AI score0.01017EPSS

Exploits2References3Affected Software1

Prion•added 2020/02/07 3:15 p.m.•22 views

Cross site scripting

ProjectPier 0.8.8 has stored XSS...

3.5CVSS5.9AI score0.0059EPSS

Exploits2References1Affected Software1

Prion•added 2020/02/07 3:15 p.m.•19 views

Code injection

ProjectPier 0.8.8 does not use the Secure flag for cookies...

3.5CVSS7AI score0.0059EPSS

Exploits2References1Affected Software1

Cvelist•added 2020/02/07 2:38 p.m.•41 views

CVE-2013-3637

ProjectPier 0.8.8 does not use the Secure flag for cookies...

5.5AI score0.0059EPSS

Exploits2References1

CVE•added 2020/02/07 2:38 p.m.•52 views

CVE-2013-3637

CVE-2013-3637 affects ProjectPier 0.8.8, with the root issue that session cookies are set without the Secure flag. This means cookies can be transmitted over non-HTTPS connections, potentially exposing session identifiers. The available records (NVD, Red Hat, PRIO, and CVE listings) confirm the i...

5.4CVSS5.5AI score0.0059EPSS

Exploits2References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by