EUVD-2018-2829

Malware in sbrugna...

EUVD-2015-2884

Malware in sbrugna...

CVE-2012-10036

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...

CVE-2012-10036

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...

CVE-2012-10036

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...

CVE-2012-10036 Project Pier <= 0.8.8 Arbitrary File Upload RCE

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...

CVE-2012-10036 Project Pier <= 0.8.8 Arbitrary File Upload RCE

Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...

CVE-2012-10036

CVE-2012-10036 affects Project Pier

PT-2025-32393 · Unknown · Projectpier

Name of the Vulnerable Software and Affected Versions: Project Pier versions 0.8.8 and earlier Description: Project Pier is susceptible to an unauthenticated arbitrary file upload issue in the tools/upload file.php script. The upload process does not validate file types or require authentication,...

Project Pier Remote File Inclusion (CVE-2018-10759)

A command execution vulnerability exists in projectpier project projectpier x=0.8.8. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

ProjectPier PHP Remote File Inclusion Vulnerability

Project Pier is a free open source project management system . A PHP remote file inclusion vulnerability exists in the public/patch/patch.php file in Project Pier 0.8.8 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary commands or SQL statements with the...

Remote file inclusion

PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter...

CVE-2018-10759

PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter...

CVE-2018-10759

PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter...

CVE-2018-10759

PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter...

CVE-2018-10759

The CVE-2018-10759 issue affects Project Pier 0.8.8 and earlier, where a PHP remote file inclusion vulnerability exists in public/patch/patch.php. The id parameter is not sanitized, enabling an attacker to remotely execute arbitrary commands or SQL statements. Some sources note potential command ...

Project-Pier ProjectPier-Core Cross-Site Scripting Vulnerability

Project-Pier ProjectPier-Core is a free open source project management system. Multiple cross-site scripting vulnerabilities exist in Project-Pier ProjectPier-Core. A remote attacker can inject arbitrary web script or HTML by sending the 'searchfor' parameter to the searchbytag.php file,...

CVE-2015-2796

Multiple cross-site scripting XSS vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the searchfor parameter to 1 searchbytag.php, 2 searchcontacts.php, or 3 search.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the searchfor parameter to 1 searchbytag.php, 2 searchcontacts.php, or 3 search.php...

CVE-2015-2796

Project-Pier ProjectPier-Core is affected by multiple XSS vulnerabilities in the search functionality. The issue arises from the search_for parameter being unsafely echoed by three pages: search_by_tag.php, search_contacts.php, and search.php, enabling remote attackers to inject arbitrary web scr...