Lucene search
K

6 matches found

Check Point Advisories
Check Point Advisories
added 2019/11/25 12:0 a.m.15 views

OPF OpenProject Activities API SQL Injection (CVE-2019-11600)

A SQL injection vulnerability has been reported in OpenProject. This vulnerability can be exploited by sending crafted HTTP requests to a vulnerable application. Successful exploitation could lead to arbitrary SQL statement execution in the security context of database service...

6.8CVSS1.8AI score0.79956EPSS
Exploits5
0day.today
0day.today
added 2019/05/14 12:0 a.m.92 views

OpenProject 5.0.0 - 8.3.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version:...

6.8CVSS8AI score0.79956EPSS
Exploits5
CVE
CVE
added 2019/05/13 7:57 p.m.70 views

CVE-2019-11600

CVE-2019-11600 is an SQL injection in OpenProject’s activities API, exploitable via the id parameter. Affected product: OpenProject versions 5.0.0 through 8.3.1; the vulnerability can be exploited remotely and, in some configurations, unauthenticated if API access is not protected. Consequences s...

8.1CVSS8.6AI score0.79956EPSS
Exploits5References5Affected Software1
Circl
Circl
added 2019/05/13 12:0 a.m.24 views

CVE-2019-11600

creationtimestamp| type| source ---|---|--- 2019-05-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46838...

8.1CVSS6.8AI score0.79956EPSS
Exploits5References1
exploitpack
exploitpack
added 2019/05/13 12:0 a.m.70 views

OpenProject 5.0.0 - 8.3.1 - SQL Injection

OpenProject 5.0.0 - 8.3.1 - SQL Injection SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version: 8.3.2 & 9.0.0...

6.8CVSS8.6AI score0.79956EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/05/10 12:0 a.m.129 views

OpenProject 8.3.1 SQL Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version: 8.3.2 & 9.0.0 CVE number: CVE-2019-11600 impact: Critica...

8.2AI score0.79956EPSS
Exploits5
Rows per page
Query Builder