| Max CVSS | 9.3 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-7177 | 4.0 |
XML External Entity vulnerability in Enalean Tuleap 7.2 and earlier allows remote authenticated users to read arbitrary files via a crafted xml document in a create action to plugins/tracker/. <a href="http://cwe.mitre.org/data/definitions/611.html"
|
08-09-2017 - 01:29 | 31-10-2014 - 14:55 | |
| CVE-2014-7176 | 6.5 |
SQL injection vulnerability in Enalean Tuleap before 7.5.99.4 allows remote authenticated users to execute arbitrary SQL commands via the lobal_txt parameter to plugins/docman.
|
08-09-2017 - 01:29 | 04-11-2014 - 15:55 | |
| CVE-2014-7178 | 9.3 |
Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function.
|
17-12-2014 - 02:46 | 28-11-2014 - 15:59 |