Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sp_project_\&_document_manager
(Smartypantsplugins)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-03 | CVE-2023-36677 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67. | Sp_project_\&_document_manager | 8.8 | ||
| 2024-07-09 | CVE-2024-37224 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.71. | Sp_project_\&_document_manager | 6.5 | ||
| 2014-12-02 | CVE-2014-9178 | Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants Plugins SP Project & Document Manager plugin (sp-client-document-manager) 2.4.1 and earlier for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) vendor_email[] parameter in the email_vendor function or id parameter in the (2) download_project, (3) download_archive, or (4) remove_cat function. | Sp_project_\&_document_manager | N/A |