3 matches found
CVE-2023-27113
CVE-2023-27113 affects pearProjectApi v2.8.10, with a SQL injection vulnerability in project.php reachable via the organizationCode parameter. The issue’s root cause is a SQL injection in that parameter, exposing potential impacts to confidentiality, integrity, and availability as reflected by CV...
CVE-2023-27112
CVE-2023-27112 affects pearProjectApi v2.8.10, with a SQL injection vulnerability exposed via the projectCode parameter at project.php. The underlying issue is an input handling flaw in the affected endpoint, enabling arbitrary SQL execution with potential impact on confidentiality, integrity, an...
CVE-2026-3057
CVE-2026-3057 affects the a54552239 pearProjectApi, specifically the Backend Interface component. The vulnerability resides in the function dateTotalForProject in application/common/Model/Task.php, where manipulating the projectCode argument leads to a SQL injection. The issue can be exploited re...