Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projeqtor projeqtor vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29386
projeqtor up to 11.2.0 exists to contain a SQL injection vulnerability via the component /view/criticalResourceExport.php.
NA
CVE-2024-29387
projeqtor up to 11.2.0 exists to contain a remote code execution (RCE) vulnerability via the component /view/print.php.
NA
CVE-2023-49034
Cross Site Scripting (XSS) vulnerability in ProjeQtOr 11.0.2 allows a remote malicious user to execute arbitrary code via a crafted script to thecheckvalidHtmlText function in the ack.php and security.php files.
9.9
CVSSv3
CVE-2021-42940
A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an malicious user to upload a SVG file containing malicious JavaScript code.
Projeqtor Projeqtor
1 Github repository
8.8
CVSSv3
CVE-2018-18924
The image-upload feature in ProjeQtOr 7.2.5 allows remote malicious users to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable filenames, after a "This file is not a valid image" er...
Projeqtor Projeqtor
1 EDB exploit
8.8
CVSSv3
CVE-2017-11760
uploadImage.php in ProjeQtOr prior to 6.3.2 allows remote authenticated users to execute arbitrary PHP code by uploading a .php file composed of concatenated image data and script data, as demonstrated by uploading as an image within the description text area.
Projeqtor Projeqtor
NA
CVE-2013-6163
Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr (formerly Project'Or RIA) prior to 4.0.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) type parameter to view/parameter.php, (2) p1value parameter to view/main.php, or (3) obje...
Projeqtor Projeqtor
Projeqtor Projeqtor 3.4.3
Projeqtor Projeqtor 3.2.2
Projeqtor Projeqtor 3.2.1
Projeqtor Projeqtor 3.0.1
Projeqtor Projeqtor 3.0.0
Projeqtor Projeqtor 2.5.1
Projeqtor Projeqtor 2.5.0
Projeqtor Projeqtor 2.2.2
Projeqtor Projeqtor 2.2.1
Projeqtor Projeqtor 1.8.3
Projeqtor Projeqtor 1.8.2
Projeqtor Projeqtor 1.6.1
Projeqtor Projeqtor 1.6.0
Projeqtor Projeqtor 1.4.2
Projeqtor Projeqtor 1.4.1
Projeqtor Projeqtor 1.0.0
Projeqtor Projeqtor 0.9.0
Projeqtor Projeqtor 0.4.0
Projeqtor Projeqtor 0.3.0
Projeqtor Projeqtor 3.4.2
Projeqtor Projeqtor 3.4.1
NA
CVE-2013-6164
SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote malicious users to execute arbitrary SQL commands via the objectId parameter.
Projeqtor Projeqtor 3.4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started