CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phprojekt: >> Phprojekt >> 5.2 Security Vulnerabilities

CVE-2007-1575

Multiple SQL injection vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) unspecified vectors to the (a) calendar and (2) search modules, and an (2) unspecified cookie when the user logs out.

CVSS Score

7.5

EPSS Score

0.012

Published

2007-03-21

CVE-2007-1576

Multiple cross-site scripting (XSS) vulnerabilities in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the (1) Projects, (2) Contacts, (3) Helpdesk, (4) Search (only Gecko engine driven Browsers), and (5) Notes modules; the (6) Mail summary page; and unspecified other files.

CVSS Score

4.3

EPSS Score

0.009

Published

2007-03-21

Page 1

Vulnerabilities

Vulnerable Software

Phprojekt: >> Phprojekt >> 5.2 Security Vulnerabilities

Products

Pricing

Contact Us