6 matches found
CVE-2025-63709
A Cross-Site Scripting XSS vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...
PT-2025-46165
Name of the Vulnerable Software and Affected Versions SourceCodester Simple To-Do List System version 1.0 Description A Cross-Site Scripting XSS issue exists in the "Add Tasks" text input. An authenticated user can submit HTML or JavaScript that is not properly sanitized or encoded before being...
CVE-2025-10117
A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetchtasks.php of the component Add New Task. Executing manipulation with the input alert'XSS' can lead to cross site scripting. The attack can be executed remotely. The...
CVE-2025-10117
CVE-2025-10117 affects SourceCodester Simple To-Do List System 1.0. The vulnerability is in the Add New Task workflow, specifically the /fetch_tasks.php function, where input manipulation (e.g., ) can trigger a cross-site scripting attack. It is exploitable remotely and the exploit has been publi...
CVE-2025-4248
A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /completetask.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The...
CVE-2025-4247
A vulnerability, which was classified as critical, was found in SourceCodester Simple To-Do List System 1.0. Affected is an unknown function of the file /deletetask.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...