Fairsketch Rise_ultimate_project_manager
15 CVEs affecting Fairsketch Rise_ultimate_project_manager. Latest disclosed: 2025-11-11. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-17999 | Critical | 9.8 | 2018-01-23 | SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.ph… |
CVE-2025-60378 | High | 8.1 | 2025-10-10 | Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject arbitrary HTML into invoices and messages. Injected content r… |
CVE-2025-63293 | Medium | 6.5 | 2025-11-03 | FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachmen… |
CVE-2025-56807 | Medium | 6.1 | 2025-09-29 | A cross-site scripting (XSS) vulnerability in FairSketch RISE Ultimate Project Manager & CRM 3.9.4 allows an administrator to store a JavaScript payload using… |
CVE-2024-8945 | Medium | 5.5 | 2024-09-17 | A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. This vulnerability affects unknown code of the fil… |
CVE-2025-41106 | Medium | 5.4 | 2025-11-11 | HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user… |
CVE-2025-41105 | Medium | 5.4 | 2025-11-11 | HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user… |
CVE-2025-41104 | Medium | 5.4 | 2025-11-11 | HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user… |
CVE-2025-41103 | Medium | 5.4 | 2025-11-11 | HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user… |
CVE-2025-41102 | Medium | 5.4 | 2025-11-11 | HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user… |
CVE-2025-41101 | Medium | 5.4 | 2025-11-11 | HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user… |
CVE-2017-11182 | Medium | 5.4 | 2017-07-12 | In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section. All input fields are vulnerable. |
CVE-2017-11181 | Medium | 5.4 | 2017-07-12 | In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the Messaging section. Subject and Message fields are vulnerable. |
CVE-2024-0545 | Medium | 5.3 | 2024-01-15 | A vulnerability classified as problematic was found in CodeCanyon RISE Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /ind… |
CVE-2025-3855 | Medium | 4.3 | 2025-04-22 | A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality… |