Vulnerabilities
CVE-2021-47720 - Orangescrum 1.8.0 Authenticated SQL Injection via Multiple Parameters
CVE ID : CVE-2021-47720 Published : Dec. 23, 2025, 8:15 p.m. | 32 minutes ago Description : Orangescrum 1.8.0 contains an authenticated SQL injection vulnerability that allows authorized users to manipulate database queries through multiple vulnerable parameters. Attackers can inject malicious SQL code into parameters like old_project_id, project_id, uuid, and uniqid to potentially extract or modify database information. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Source: Telegram CVE Monitor