6 matches found
OPF OpenProject Activities API SQL Injection (CVE-2019-11600)
A SQL injection vulnerability has been reported in OpenProject. This vulnerability can be exploited by sending crafted HTTP requests to a vulnerable application. Successful exploitation could lead to arbitrary SQL statement execution in the security context of database service...
OpenProject 5.0.0 - 8.3.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version:...
CVE-2019-11600
CVE-2019-11600 is an SQL injection in OpenProject’s activities API, exploitable via the id parameter. Affected product: OpenProject versions 5.0.0 through 8.3.1; the vulnerability can be exploited remotely and, in some configurations, unauthenticated if API access is not protected. Consequences s...
CVE-2019-11600
creationtimestamp| type| source ---|---|--- 2019-05-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46838...
OpenProject 5.0.0 - 8.3.1 - SQL Injection
OpenProject 5.0.0 - 8.3.1 - SQL Injection SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version: 8.3.2 & 9.0.0...
OpenProject 8.3.1 SQL Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version: 8.3.2 & 9.0.0 CVE number: CVE-2019-11600 impact: Critica...