Known Vulnerabilities for products from Dotproject
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Dotproject".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2012-5702 json | Multiple cross-site scripting (XSS) vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web... | Not Provided | 2014-10-21 | 2026-05-06 |
| CVE-2012-5701 json | Multiple SQL injection vulnerabilities in dotProject before 2.1.7 allow remote authenticated administrators to execute arbitr... | Not Provided | 2014-10-20 | 2026-05-06 |
| CVE-2011-3729 json | dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals t... | Not Provided | 2011-09-23 | 2026-04-29 |
| CVE-2008-6747 json | dotProject before 2.1.2 does not properly restrict access to administrative pages, which allows remote attackers to gain priv... | Not Provided | 2009-04-23 | 2026-04-23 |
| CVE-2008-3887 json | Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticated users to execute arbit... | Not Provided | 2008-09-02 | 2026-04-23 |
| CVE-2008-3886 json | Multiple cross-site scripting (XSS) vulnerabilities in index.php in dotProject 2.1.2 allow remote attackers to inject arbitra... | Not Provided | 2008-09-02 | 2026-04-23 |
| CVE-2007-5486 json | dotProject before 2.1 does not properly check privileges when invoking the Companies module, which allows remote attackers to... | Not Provided | 2007-10-16 | 2026-04-23 |
| CVE-2007-3226 json | Cross-site scripting (XSS) vulnerability in dotProject before 2.1 RC2 allows remote attackers to inject arbitrary web script ... | Not Provided | 2007-06-14 | 2026-04-23 |
| CVE-2006-4234 json | PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to... | 7.5 - HIGH | 2006-08-18 | 2017-10-19 |
| CVE-2006-3240 json | Cross-site scripting (XSS) vulnerability in classes/ui.class.php in dotProject 2.0.3 and earlier allows remote attackers to i... | 4.3 - MEDIUM | 2006-06-27 | 2022-12-09 |
| CVE-2006-2851 json | Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote attackers to inject arbit... | 4.3 - MEDIUM | 2006-06-06 | 2017-07-20 |
| CVE-2006-0756 json | dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installatio... | Not Provided | 2006-02-18 | 2025-04-03 |
| CVE-2006-0755 json | Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow rem... | Not Provided | 2006-02-18 | 2025-04-03 |
| CVE-2006-0754 json | dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid base... | Not Provided | 2006-02-18 | 2025-04-03 |
| CVE-2002-1428 json | index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie par... | Not Provided | 2003-04-11 | 2025-04-03 |
Known software with vulnerabilities from Dotproject
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Dotproject | Dotproject | 2.1.6 |