40 matches found
WebTareas 2.4p5 - Cross-Site Scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field. id: CVE-2022-44957 info: name: WebTareas...
EUVD-2022-47882
Malicious code in bioql PyPI...
EUVD-2022-47881
Malicious code in bioql PyPI...
CVE-2022-44290
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...
CVE-2022-44957
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2022-44960
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field...
CVE-2022-44954
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add"...
CVE-2022-44955
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...
CVE-2022-44291
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php...
CVE-2022-44290
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...
Sql injection
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...
Cross site scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
Cross site scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
Cross site scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add"...
Cross site scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field...
Sql injection
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php...
Cross site scripting
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add"...
CVE-2022-44959
webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
webTareas SQL注入漏洞
webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas version 2.4p5, which originates from an SQL injection via the id parameter in...
PT-2022-27355 · Webtareas · Webtareas
Name of the Vulnerable Software and Affected Versions: webtareas version 2.4p5 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field in the Chat function. This enables the execution of malicious code, potentially...