Rukovoditel: >> Rukovoditel >> 2.5.2 Security Vulnerabilities
In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution.
CVSS Score
9.8
EPSS Score
0.294
Published
2020-04-16
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the entities_id parameter.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-04-16
Page 2