4 matches found
Project Pier Remote File Inclusion (CVE-2018-10759)
A command execution vulnerability exists in projectpier project projectpier x=0.8.8. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2018-10759
PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter...
CVE-2018-10759
The CVE-2018-10759 issue affects Project Pier 0.8.8 and earlier, where a PHP remote file inclusion vulnerability exists in public/patch/patch.php. The id parameter is not sanitized, enabling an attacker to remotely execute arbitrary commands or SQL statements. Some sources note potential command ...
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI
"ProjectPier is a Free, Open-Source, PHP application for managing tasks, projects and teams through an intuitive web interface." https://github.com/Project-Pier https://sourceforge.net/projects/projectpier/ I reached out to the vendor via several channels to report the findings below, but receive...