CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://packetstormsecurity.com/files/145902/RISE-1.9-SQL-Injection.html
https://www.exploit-db.com/exploits/43591/
http://packetstormsecurity.com/files/145902/RISE-1.9-SQL-Injection.html
https://www.exploit-db.com/exploits/43591/

Products affected by CVE-2017-17999

Fairsketch » Rise Ultimate Project Manager » Version: 1.9

cpe:2.3:a:fairsketch:rise_ultimate_project_manager:1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17999

Products

Pricing

Contact Us