CVE-2024-25221

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...

CVE-2024-24142

Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter...

CVE-2024-24141

Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter...

CVE-2024-11096

A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

February 11, 2025—KB5051980 (OS Build 25398.1425)

February 11, 2025—KB5051980 OS Build 25398.1425 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security updat...

February 11, 2025—KB5051979 (OS Build 20348.3207)

February 11, 2025—KB5051979 OS Build 20348.3207 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out wh...

February 25, 2025—KB5052093 (OS Build 26100.3323) Preview

February 25, 2025—KB5052093 OS Build 26100.3323 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 24H2, see its update history page. Note Follow @WindowsUpdate t...

CVE-2024-28276

Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scripting XSS via add-task.php?taskname=...

CVE-2024-28277

In Sourcecodester School Task Manager v1.0, a vulnerability was identified within the subjectname= parameter, enabling Stored Cross-Site Scripting XSS attacks. This vulnerability allows attackers to manipulate the subject's name, potentially leading to the execution of malicious JavaScript payloa...

CVE-2024-26517

SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the delete-task.php component...

CVE-2025-23725

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pshikli Accessibility Task Manager accessibility-task-manager allows Reflected XSS.This issue affects Accessibility Task Manager: from n/a through = 1.2.1...

CVE-2025-23725 WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pshikli Accessibility Task Manager accessibility-task-manager allows Reflected XSS.This issue affects Accessibility Task Manager: from n/a through = 1.2.1...

CVE-2025-23725

CVE-2025-23725 : An XSS flaw in Accessibility Task Manager, described as "Improper Neutralization of Input During Web Page Generation (XSS)". The Red Hat and NVD entries confirm a Reflected XSS affecting Accessibility Task Manager versions up to 1.2.1 (exact affected range shown as from n/a throu...

CVE-2025-23725 WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pshikli Accessibility Task Manager accessibility-task-manager allows Reflected XSS.This issue affects Accessibility Task Manager: from n/a through = 1.2.1...

WordPress plugin Accessibility Task Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-5052 · Unknown · Taskmeister Accessibility Task Manager

Name of the Vulnerable Software and Affected Versions: TaskMeister Accessibility Task Manager versions 1.2.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious script...

WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Accessibility Task Manager versions = 1.2.1...

CVE-2024-10443

Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...

CVE-2024-10443

Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...

CVE-2024-10443

CVE-2024-10443 affects Synology BeePhotos (BeeStation OS) and Synology Photos on DSM 7.2. The flaw is Improper neutralization of special elements used in an OS command (OS command injection) in the Task Manager component. Affected versions include BeePhotos before 1.0.2-10026 and 1.1.0-10053, and...