Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enalean tuleap vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-7176
SQL injection vulnerability in Enalean Tuleap prior to 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman.
Enalean Tuleap
2 EDB exploits
4
CVSSv2
CVE-2014-7177
XML External Entity vulnerability in Enalean Tuleap 7.2 and previous versions allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/.
Enalean Tuleap
1 EDB exploit
9.3
CVSSv2
CVE-2014-7178
Enalean Tuleap prior to 7.5.99.6 allows remote malicious users to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
Enalean Tuleap
1 EDB exploit
7.5
CVSSv2
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
6
CVSSv2
CVE-2021-41276
Tuleap is a Libre and Open Source tool for end to end traceability of application and system developments. In affected versions Tuleap does not sanitize properly the search filter built from the ldap_id attribute of a user during the daily synchronization. A malicious user could ...
Enalean Tuleap
6.5
CVSSv2
CVE-2017-7411
An issue exists in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is using the unserialize() function with a preference value that can be arbitrarily manipulated by malicious users through the REST API interface, and t...
Enalean Tuleap
1 EDB exploit
6.5
CVSSv2
CVE-2021-41147
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with admin rights in one agile dashboard serv...
Enalean Tuleap
6.5
CVSSv2
CVE-2021-41148
Tuleap Open ALM is a libre and open source tool for end to end traceability of application and system developments. Prior to version 11.16.99.173 of Community Edition and versions 11.16-6 and 11.15-8 of Enterprise Edition, an attacker with the ability to add one the CI widget to ...
Enalean Tuleap
6.5
CVSSv2
CVE-2021-41154
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker with read access to a "SVN core" repository could execute arbitrary SQL queries. The following versions contain the fix: Tuleap Co...
Enalean Tuleap
6.5
CVSSv2
CVE-2021-41155
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following vers...
Enalean Tuleap
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »