CVE-2020-13592
CVE-2020-13592 refers to an exploitable SQL injection in the Rukovoditel Project Management App 2.7.2, on the page global_lists/choices . The vulnerability arises from lack of input validation in the query that uses the lists_id parameter, allowing an attacker with an authenticated session to per...