3 matches found
EUVD-2026-43593
SAP S/4HANA application Project Management PPM-PRO allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application...
Rukovoditel cross-site scripting vulnerability (CNVD-2021-50937)
Rukovoditel is a free web-based open source project management application. A stored cross-site scripting vulnerability exists in the "User Access Groups" feature in Rukovoditel version 2.7.2, which can be exploited to execute arbitrary web script or HTML via the 'Name' parameter...
dotProject Multiple Scripts Remote File Inclusion
The remote host is running dotProject, a web-based, open source, project management application written in PHP. The installed version of dotProject fails to sanitize input to various parameters and scripts before using it to include PHP code. Provided PHP's 'registerglobals' setting is enabled, a...