Lucene search
K

364 matches found

BDU FSTEC
BDU FSTEC
added 2025/04/22 12:0 a.m.6 views

The vulnerability of Windows operating system task schedulers allows a malicious actor to execute arbitrary commands with SYSTEM privileges.

The vulnerability of Windows operating system task schedulers is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with SYSTEM privileges by sending a specially crafted XML file...

8.8CVSS5.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2025/04/16 4:18 p.m.33 views

New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs

Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered ...

7.8CVSS8.3AI score0.00481EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/13 9:23 a.m.18 views

CVE-2025-32599

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: from n/a through = 1.6.3...

7.1CVSS7.2AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 9:15 a.m.19 views

CVE-2025-32599

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: from n/a through = 1.6.3...

7.1CVSS0.00303EPSS
Exploits0References1
CVE
CVE
added 2025/04/11 8:42 a.m.52 views

CVE-2025-32599

CVE-2025-32599 affects the WordPress plugin Task Scheduler (

7.1CVSS7.2AI score0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/11 8:42 a.m.26 views

CVE-2025-32599 WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: from n/a through = 1.6.3...

7.1CVSS0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 8:42 a.m.6 views

CVE-2025-32599 WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler allows Reflected XSS. This issue affects Task Scheduler: from n/a through 1.6.3...

7.1CVSS7AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.6 views

WordPress plugin Task Scheduler 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6.9AI score0.00303EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.5 views

PT-2025-16080 · Unknown · Miunosoft Task Scheduler

Name of the Vulnerable Software and Affected Versions: miunosoft Task Scheduler versions 1.6.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting XSS. This enables potential attackers to...

7.1CVSS7.2AI score0.00303EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/04/09 4:54 p.m.5 views

WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Task Scheduler versions = 1.6.3...

7.1CVSS6.9AI score0.00303EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/02 5:34 p.m.18 views

CVE-2025-30004

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

9.1CVSS8.5AI score0.03853EPSS
Exploits3References1
EUVD
EUVD
added 2025/03/31 6:31 p.m.9 views

EUVD-2025-8863

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

9.1CVSS7.8AI score0.03853EPSS
Exploits3References3
OSV
OSV
added 2025/03/31 5:15 p.m.5 views

CVE-2025-30004

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

8.8CVSS6AI score0.03853EPSS
Exploits3References2
NVD
NVD
added 2025/03/31 5:15 p.m.34 views

CVE-2025-30004

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

8.8CVSS0.03853EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2025/03/31 4:42 p.m.4 views

CVE-2025-30004 Xorcom CompletePBX <= 5.2.35 Task Scheduler Authenticated Command Injection

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

8.8CVSS8.2AI score0.03853EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/03/31 4:42 p.m.37 views

CVE-2025-30004 Xorcom CompletePBX <= 5.2.35 Task Scheduler Authenticated Command Injection

Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

8.8CVSS0.03853EPSS
Exploits3References2
CVE
CVE
added 2025/03/31 4:42 p.m.90 views

CVE-2025-30004

CVE-2025-30004 — Xorcom CompletePBX Authenticated Command Injection Affected: Xorcom CompletePBX versions up to 5.2.35 (all editions).Root cause: Authenticated command injection in the Task Scheduler subsystem; unsanitized parameters allow execution of arbitrary commands with web server/root priv...

8.8CVSS9.8AI score0.03853EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.6 views

PT-2025-13802

Name of the Vulnerable Software and Affected Versions Xorcom CompletePBX versions prior to 5.2.35 Description The issue affects the administrator Task Scheduler functionality, allowing attackers to execute arbitrary commands as the root user. Recommendations For versions prior to 5.2.35, update t...

8.8CVSS7.5AI score0.03853EPSS
Exploits3References10
NVD
NVD
added 2024/12/12 2:4 a.m.17 views

CVE-2024-49072

Windows Task Scheduler Elevation of Privilege Vulnerability...

7.8CVSS0.00599EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 2:4 a.m.3 views

CVE-2024-49072

Windows Task Scheduler Elevation of Privilege Vulnerability...

7.8CVSS5.8AI score0.00599EPSS
Exploits0References1
Rows per page
Query Builder