Vulnerabilities > CVE-2023-36677 - Unspecified vulnerability in Smartypantsplugins SP Project & Document Manager

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
smartypantsplugins

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67.

Vulnerable Configurations

Part Description Count
Application
Smartypantsplugins
411