CVE-2018-7538 – Tuleap 9.17.99.189 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of the Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands. Tuleap version 9.17.99.189 suffers from a remote SQL injection vulnerability.
References:
https://www.exploit-db.com/exploits/44286
http://seclists.org/fulldisclosure/2018/Mar/20
https://github.com/cmaruti/reports/blob/master/tuleap.pdf
https://tuleap.net/plugins/tracker/?aid=11192
Weakness: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-7634
https://notcve.org/view.php?id=CVE-2018-7634
An issue was discovered in Enalean Tuleap 9.17. The lack of CSRF mitigation when changing an e-mail address makes it possible for attackers to abuse this functionality. Through a CSRF attack, an attacker could make a victim change the e-mail address registered on the application, leading to account takeover.
References:
https://github.com/Enalean/tuleap/commit/0843c046eee54b16ec6a7753c575838212770189
https://mustafairan.wordpress.com/2018/03/05/tuleap-mail-change-csrf-vulnerability-leads-to-account-takeover
https://tuleap.net/plugins/git/tuleap/tuleap/stable?p=tuleap%2Fstable.git&a=commit&h=d6701289ae55de900929ff0f66313fa9771a198d
https://tuleap.net/plugins/tracker/?aid=11217
https://twitter.com/Mustafaran/status/970745812887199744
Weakness: CWE-352: Cross-Site Request Forgery (CSRF)