Vulnerability Details CVE-2019-13027
Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.063
EPSS Ranking 90.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-13027
-
cpe:2.3:a:realization:concerto_critical_chain_planner:5.10.8071