Vulnerabilities > Enalean > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-29 | CVE-2017-7981 | OS Command Injection vulnerability in multiple products Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. | 9.0 |
| 2014-11-28 | CVE-2014-7178 | Improper Input Validation vulnerability in Enalean Tuleap Enalean Tuleap before 7.5.99.6 allows remote attackers to execute arbitrary commands via the User-Agent header, which is provided to the passthru PHP function. | 9.3 |