422 matches found
CVE-2025-0847
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2024-2571
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /manage-admin.php. The manipulation leads to execution after redirect. The attack can be initiated remotely. The exploit has been...
CVE-2024-2575
A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument taskid leads to authorization bypass. The attack may be...
CVE-2024-2572
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /task-details.php. The manipulation leads to execution after redirect. The attack may be initiated remotely. The exploit has been...
PT-2025-20511
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been identified where the task management thread accesses an invalid queue ID, set by the reset thread, which points to unallocated memory, causing a cras...
CVE-2025-0847
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0847
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0846
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-0846
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-0847
The CVE-2025-0847 entry concerns 1000 Projects Employee Task Management System 1.0. The vulnerability resides in the Login component, specifically the /index.php file, where manipulating the email parameter enables SQL injection. This can be exploited remotely, and public exploitation is indicate...
CVE-2025-0847 1000 Projects Employee Task Management System Login index.php sql injection
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0847 1000 Projects Employee Task Management System Login index.php sql injection
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0846
The CVE-2025-0846 vulnerability affects 1000 Projects Employee Task Management System v1.0, specifically in /admin/AdminLogin.php where the email parameter is susceptible to SQL injection. Attackers can remotely exploit this flaw, and public disclosures exist. Multiple feeds (NVD, Red Hat, CVE re...
1000 Projects Employee Task Management System SQL注入漏洞
1000 Projects Employee Task Management System is an open source employee task management system from 1000 Projects. A SQL injection vulnerability exists in 1000 Projects Employee Task Management System version 1.0, which is caused by SQL injection due to parameter email...
CVE-2024-56779 nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4openowner leak when concurrent nfsd4open occur The action force umountumount -f will attempt to kill all rpctask even umount operation may ultimately fail if some files remain open. Consequently, if an action attemp...
PT-2025-7266 · Weeek · Weeek
Name of the Vulnerable Software and Affected Versions: WEEEK affected versions not specified Description: The issue is related to the failure to neutralize HTML tags in the WEEEK task and project management service. This could allow a remote attacker to execute arbitrary HTML code. Recommendation...
kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible
A vulnerability was found in the Linux kernel's qedf driver function qedfexecutetmf, where the function call smpprocessorid is done from preemptible code before acquiring a lock which can result in BUGON when running an RT kernel. This can result in system inconsistencies...
CVE-2024-48706
Collabtive 3.1 is vulnerable to cross-site scripting (XSS) via the title parameter when using action=add (managemessage.php) or action=editform (managetask.php). Root cause is unsanitized input in the title field. Affected: Collabtive 3.1. Exploitation details are not provided beyond the affected...
AZL-51165 CVE-2024-49863 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...
Synology DiskStation Manager OS Command Injection (CVE-2022-22684)
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in task management component in Synology DiskStation Manager DSM before 6.2.4-25553 allows remote authenticated users to execute arbitrary commands via unspecified vectors. This plugin only work...