Show filters
501 Total Results
Displaying 311-320 of 501
Sort by:
Attacker Value
Unknown
CVE-2018-0913
Disclosure Date: March 14, 2018 (last updated November 26, 2024)
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.
0
Attacker Value
Unknown
CVE-2018-0914
Disclosure Date: March 14, 2018 (last updated November 26, 2024)
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.
0
Attacker Value
Unknown
CVE-2018-0911
Disclosure Date: March 14, 2018 (last updated November 26, 2024)
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947.
0
Attacker Value
Unknown
CVE-2017-9786
Disclosure Date: March 06, 2018 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) before commit 6c3710430be26feb5371cb0377e5355d6f9a27ca allows remote attackers to inject arbitrary web script or HTML via the Description field in My account Name updated, related to home.php and actions-log.php.
0
Attacker Value
Unknown
CVE-2017-9783
Disclosure Date: March 06, 2018 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) before commit 6c3710430be26feb5371cb0377e5355d6f9a27ca allows remote attackers to inject arbitrary web script or HTML via the Description field in a Site name updated.
0
Attacker Value
Unknown
CVE-2018-6489
Disclosure Date: February 22, 2018 (last updated November 08, 2023)
XML External Entity (XXE) vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity (XXE)
0
Attacker Value
Unknown
CVE-2018-6024
Disclosure Date: February 18, 2018 (last updated November 26, 2024)
SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter.
0
Attacker Value
Unknown
CVE-2017-8993
Disclosure Date: February 15, 2018 (last updated November 26, 2024)
A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.
0
Attacker Value
Unknown
CVE-2015-2796
Disclosure Date: February 02, 2018 (last updated November 26, 2024)
Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the search_for parameter to (1) search_by_tag.php, (2) search_contacts.php, or (3) search.php.
0
Attacker Value
Unknown
CVE-2017-17999
Disclosure Date: January 23, 2018 (last updated November 26, 2024)
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
0
