364 matches found
The vulnerability of Windows operating system task schedulers allows a malicious actor to execute arbitrary commands with SYSTEM privileges.
The vulnerability of Windows operating system task schedulers is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands with SYSTEM privileges by sending a specially crafted XML file...
New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered ...
CVE-2025-32599
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: from n/a through = 1.6.3...
CVE-2025-32599
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: from n/a through = 1.6.3...
CVE-2025-32599
CVE-2025-32599 affects the WordPress plugin Task Scheduler (
CVE-2025-32599 WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler task-scheduler allows Reflected XSS.This issue affects Task Scheduler: from n/a through = 1.6.3...
CVE-2025-32599 WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in miunosoft Task Scheduler allows Reflected XSS. This issue affects Task Scheduler: from n/a through 1.6.3...
WordPress plugin Task Scheduler 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-16080 · Unknown · Miunosoft Task Scheduler
Name of the Vulnerable Software and Affected Versions: miunosoft Task Scheduler versions 1.6.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting XSS. This enables potential attackers to...
WordPress Task Scheduler Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Task Scheduler versions = 1.6.3...
CVE-2025-30004
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
EUVD-2025-8863
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30004
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30004
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30004 Xorcom CompletePBX <= 5.2.35 Task Scheduler Authenticated Command Injection
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30004 Xorcom CompletePBX <= 5.2.35 Task Scheduler Authenticated Command Injection
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user. This issue affects CompletePBX: all versions up to and prior to 5.2.35...
CVE-2025-30004
CVE-2025-30004 — Xorcom CompletePBX Authenticated Command Injection Affected: Xorcom CompletePBX versions up to 5.2.35 (all editions).Root cause: Authenticated command injection in the Task Scheduler subsystem; unsanitized parameters allow execution of arbitrary commands with web server/root priv...
PT-2025-13802
Name of the Vulnerable Software and Affected Versions Xorcom CompletePBX versions prior to 5.2.35 Description The issue affects the administrator Task Scheduler functionality, allowing attackers to execute arbitrary commands as the root user. Recommendations For versions prior to 5.2.35, update t...
CVE-2024-49072
Windows Task Scheduler Elevation of Privilege Vulnerability...
CVE-2024-49072
Windows Task Scheduler Elevation of Privilege Vulnerability...