Promanager: Security Vulnerabilities
Directory traversal vulnerability in inc/config.php in ProManager 0.73 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
CVSS Score
7.5
EPSS Score
0.033
Published
2008-06-13
SQL injection vulnerability in note.php in ProManager 0.73 allows remote attackers to execute arbitrary SQL commands via the note_id parameter.
CVSS Score
7.5
EPSS Score
0.011
Published
2006-08-28