Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enalean tuleap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-8791
project/register.php in Tuleap prior to 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via the data parameter.
Enalean Tuleap 7.6
1 EDB exploit
NA
CVE-2014-7178
Enalean Tuleap prior to 7.5.99.6 allows remote malicious users to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
Enalean Tuleap
1 EDB exploit
NA
CVE-2014-7176
SQL injection vulnerability in Enalean Tuleap prior to 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman.
Enalean Tuleap
2 EDB exploits
NA
CVE-2014-7177
XML External Entity vulnerability in Enalean Tuleap 7.2 and previous versions allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/.
Enalean Tuleap
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4