Lucene search
K

6 matches found

NVD
NVD
added 2018/01/23 6:29 p.m.50 views

CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledgebase/getarticlesuggestion/...

9.8CVSS10AI score0.03344EPSS
Exploits5References2
Cvelist
Cvelist
added 2018/01/23 6:0 p.m.50 views

CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledgebase/getarticlesuggestion/...

10AI score0.03344EPSS
Exploits5References2
CVE
CVE
added 2018/01/23 6:0 p.m.67 views

CVE-2017-17999

RISE Ultimate Project Manager 1.9 contains a SQL injection in the knowledge_base get_article_suggestion endpoint. The vulnerability is triggered via the search parameter to index.php/knowledge_base/get_article_suggestion/; an attacker can craft input to execute arbitrary SQL. Public references sh...

9.8CVSS9.9AI score0.03344EPSS
Exploits5References2Affected Software1
Packet Storm
Packet Storm
added 2018/01/15 12:0 a.m.37 views

RISE 1.9 SQL Injection

Exploit Title: RISE Ultimate Project Manager 1.9 - SQL Injection Exploit Author: Ahmad Mahfouz Contact: http://twitter.com/eln1x Date: 30/12/2017 CVE: CVE-2017-17999 Vendor Homepage: http://fairsketch.com/ Version: 1.9 POST /index.php/knowledgebase/getarticlesuggestion/ HTTP/1.1 Host: localhost...

9.2AI score0.03344EPSS
Exploits5
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.36 views

RISE 1.9 - search SQL Injection

RISE 1.9 - search SQL Injection Exploit Title: RISE Ultimate Project Manager 1.9 - SQL Injection Exploit Author: Ahmad Mahfouz Contact: http://twitter.com/eln1x Date: 30/12/2017 CVE: CVE-2017-17999 Vendor Homepage: http://fairsketch.com/ Version: 1.9 POST...

7.5CVSS0.2AI score0.03344EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/01/15 12:0 a.m.41 views

RISE 1.9 - 'search' SQL Injection

Exploit Title: RISE Ultimate Project Manager 1.9 - SQL Injection Exploit Author: Ahmad Mahfouz Contact: http://twitter.com/eln1x Date: 30/12/2017 CVE: CVE-2017-17999 Vendor Homepage: http://fairsketch.com/ Version: 1.9 POST /index.php/knowledgebase/getarticlesuggestion/ HTTP/1.1 Host: localhost...

9.8CVSS7AI score0.03344EPSS
Exploits5
Rows per page
Query Builder