Anas Cherni

Researcher fromMazars Cybersecurity
#18891of 53,633
14.2Total CVSS
Vulnerabilities · 2
Medium
1
High
1
PT-2024-22875
5.4
2024-04-04
Projeqtor · Projeqtor · CVE-2024-29386
**Name of the Vulnerable Software and Affected Versions** projeqtor versions prior to 11.2.0 **Description** The issue is related to a SQL injection vulnerability. It affects the component /view/criticalResourceExport.php. **Recommendations** For versions prior to 11.2.0, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the /view/criticalResourceExport.php component until a patch is available.
PT-2024-22876
8.8
2024-04-04
Projeqtor · Projeqtor · CVE-2024-29387
**Name of the Vulnerable Software and Affected Versions** projeqtor versions prior to 11.2.0 **Description** The issue is related to a remote code execution (RCE) vulnerability. It can be exploited via the /view/print.php component. **Recommendations** For versions prior to 11.2.0, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the /view/print.php component until a patch is available.