Export limit exceeded: 366291 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366291 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (1 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-37004 2 Codexcube, Rise 2 Ultimate Project Manager Crm Pro, Ultimate Project Manager 2026-07-15 8.2 High
The Ultimate Project Manager CRM PRO version 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract usernames and password hashes from the tbl_users database table. Attackers can exploit the /frontend/get_article_suggestion/ endpoint by crafting malicious search parameters to progressively guess and retrieve user credentials through boolean-based inference techniques.