Fairsketch » Rise Ultimate Project Manager : Security Vulnerabilities, CVEs,

CVE-2024-0545

A vulnerability classified as problematic was found in CodeCanyon RISE Rise Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250714 is the identifier assigned to this vulnerability.
Max CVSS
6.1
EPSS Score
0.05%
Published
2024-01-15
Updated
2024-04-11

CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
Max CVSS
9.8
EPSS Score
0.19%
Published
2018-01-23
Updated
2018-02-09

CVE-2017-11182

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section. All input fields are vulnerable.
Max CVSS
5.4
EPSS Score
0.05%
Published
2017-07-12
Updated
2017-07-14

CVE-2017-11181

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the Messaging section. Subject and Message fields are vulnerable.
Max CVSS
5.4
EPSS Score
0.05%
Published
2017-07-12
Updated
2017-07-14
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close