SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-11-24
Updated
2009-11-24
SQL injection vulnerability in GForge 4.5.19 allows remote attackers to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
Max CVSS
7.5
EPSS Score
0.10%
Published
2009-02-19
Updated
2017-08-17
SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_edit[] parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-02-19
Updated
2017-10-19
SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and earlier allows remote attackers to execute arbitrary SQL commands via the release_id parameter.
Max CVSS
7.5
EPSS Score
0.27%
Published
2009-02-19
Updated
2017-10-19
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.
Max CVSS
7.5
EPSS Score
0.39%
Published
2009-01-02
Updated
2017-08-08
SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Max CVSS
7.5
EPSS Score
0.38%
Published
2008-01-15
Updated
2017-08-08
SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_delete[] parameter.
Max CVSS
6.8
EPSS Score
0.49%
Published
2007-09-18
Updated
2017-10-19
SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.16%
Published
2007-09-06
Updated
2017-07-29
8 vulnerabilities found