34 matches found
CVE-2024-25221
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...
PT-2024-20829
Name of the Vulnerable Software and Affected Versions Task Manager App version 1.0 Description A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter in the "/TaskManager/Task.php" API endpoint...
PT-2024-20833 · Unknown · Task Manager App
Name of the Vulnerable Software and Affected Versions: Task Manager App version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the projectID parameter at the "/TaskManager/EditProject.php" API endpoint. Recommendations: For Task...
CVE-2024-25221
CVE-2024-25221 affects Task Manager App v1.0, where a reflected XSS can be triggered via the Note Section parameter in /TaskManager/Tasks.php. The CVE entry lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, low attack complexity, no privileges, user interaction required, an...
CVE-2024-25222
CVE-2024-25222 affects Task Manager App v1.0, with a SQL injection vulnerability in the /TaskManager/EditProject.php endpoint, exploitable via the projectID parameter. The CVSSv3.1 vector/metrics indicate a CRITICAL impact (CVSS 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected sources confirm...
CVE-2024-25218
CVE-2024-25218 is a cross-site scripting (XSS) vulnerability in Task Manager App v1.0 where an attacker can inject arbitrary scripts via the Project Name parameter in /TaskManager/Projects.php. The issue originates from unsanitized input in the API endpoint, enabling script execution in a user’s ...
CVE-2024-25219
CVE-2024-25219 affects Task Manager App v1.0. The vulnerability is a cross-site scripting (XSS) flaw in the Task Name parameter of the /TaskManager/Task.php endpoint, enabling attackers to inject and execute arbitrary web scripts/HTML. Affected component: Task Manager App, file /TaskManager/Task....
CVE-2024-25220
CVE-2024-25220 : Task Manager App v1.0 is affected by a SQL injection vulnerability exploitable via the taskID parameter on /TaskManager/EditTask.php. The CVSS v3.1 metrics in the public entry show a_CRITICAL_ base score of 9.8 with NETWORK attack vector, LOW attack complexity, and NONE privilege...
PT-2024-20831 · Unknown · Task Manager App
Name of the Vulnerable Software and Affected Versions: Task Manager App version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the taskID parameter at the "/TaskManager/EditTask.php" API endpoint. Recommendations: For Task Manager A...
CVE-2024-25221
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...
CVE-2024-25219
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php...
CVE-2024-25220
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php...
Task Manager Cross-Site Scripting Vulnerability
Task Manager is an open source task manager application from Code-Projects. Task Manager App v1.0 suffers from a cross-site scripting vulnerability that originates from a cross-site scripting XSS vulnerability in the file /TaskManager/Task.php...
CVE-2024-24141
CVE-2024-24141 affects Sourcecodester School Task Manager App 1.0. The issue is a SQL Injection via the task parameter, as documented by multiple sources (NVD/NVD-derived entries and Red Hat advisory). The available information indicates a high-severity impact (CVSS 3.1 base score 9.8, Confidenti...