Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dotproject dotproject vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2008-6747
dotProject prior to 2.1.2 does not properly restrict access to administrative pages, which allows remote malicious users to gain privileges. NOTE: some of these details are obtained from third party information.
Dotproject Dotproject 2.0.3
Dotproject Dotproject 2.0.4
Dotproject Dotproject 0.2.1.5
Dotproject Dotproject 2.0
Dotproject Dotproject 2.1
Dotproject Dotproject 2.1.0
Dotproject Dotproject
Dotproject Dotproject 2.0.1
Dotproject Dotproject 2.0.2
755
VMScore
CVE-2006-4234
PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the baseDir parameter.
Dotproject Dotproject 2.0.1
Dotproject Dotproject 2.0.2
Dotproject Dotproject 2.0
Dotproject Dotproject 2.0.4
1 EDB exploit
383
VMScore
CVE-2006-2851
Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters, which are not properly handled when the client is using Internet Explorer.
Dotproject Dotproject 2.0
Dotproject Dotproject 2.0.1
Dotproject Dotproject 2.0.2
445
VMScore
CVE-2006-0754
dotProject 2.0.1 and previous versions allows remote malicious users to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in an error message. NOTE: the vendor disputes this issue, saying tha...
Dotproject Dotproject 2.0
Dotproject Dotproject 2.0.1
445
VMScore
CVE-2006-0756
dotProject 2.0.1 and previous versions leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote malicious users to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could ...
Dotproject Dotproject 2.0
Dotproject Dotproject 2.0.1
560
VMScore
CVE-2006-0755
Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary commands via the baseDir parameter in (1) db_adodb.php, (2) db_connect.php, (3) session.php, (4) vw_usr_...
Dotproject Dotproject 2.0
Dotproject Dotproject 2.0.1
10 EDB exploits
383
VMScore
CVE-2006-3240
Cross-site scripting (XSS) vulnerability in classes/ui.class.php in dotProject 2.0.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the login parameter.
Dotproject Dotproject
1 Github repository
685
VMScore
CVE-2012-5701
Multiple SQL injection vulnerabilities in dotProject prior to 2.1.7 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) search_string or (2) where parameter in a contacts action, (3) dept_id parameter in a departments action, (4) project_id[] p...
Dotproject Dotproject
1 EDB exploit
435
VMScore
CVE-2012-5702
Multiple cross-site scripting (XSS) vulnerabilities in dotProject prior to 2.1.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) callback parameter in a color_selector action, (2) field parameter in a date_format action, or (3) company_name paramet...
Dotproject Dotproject
1 EDB exploit
570
VMScore
CVE-2007-5486
dotProject prior to 2.1 does not properly check privileges when invoking the Companies module, which allows remote malicious users to access this module via a crafted URL. NOTE: some of these details are obtained from third party information.
Dotproject Dotproject
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »