SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman.
CVSS Score
6.5
EPSS Score
0.138
Published
2014-11-04
XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/.
CVSS Score
4.0
EPSS Score
0.116
Published
2014-10-31
Page 7