RSS   Vulnerabilities for 'Projectpier'   RSS

2020-02-07
 
CVE-2013-3637

CWE-79
 

 
ProjectPier 0.8.8 does not use the Secure flag for cookies

 
 
CVE-2013-3636

CWE-79
 

 
ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag

 
 
CVE-2013-3635

CWE-79
 

 
ProjectPier 0.8.8 has stored XSS

 
2018-02-02
 
CVE-2015-2796

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the search_for parameter to (1) search_by_tag.php, (2) search_contacts.php, or (3) search.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top