genie 安全漏洞

Genie is a CLI tool developed by Automagik that automatically converts sentence-based requests into complete pull requests. Version 2.5.27 of Genie has a security vulnerability. This vulnerability stems from command injection in the viewtask parameter of the readTranscriptFromCommit function, whi...

EUVD-2019-17276

Malware in sbrugna...

CVE-2025-7721

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.7.3 via the task parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the...

CVE-2025-7721

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.7.3 via the task parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the...

CVE-2025-7721 JoomSport <= 5.7.3 - Unauthenticated Directory Traversal to Local File Inclusion

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.7.3 via the task parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the...

EUVD-2025-32275

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.7.3 via the task parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the...

CVE-2025-7721

CVE-2025-7721 concerns the WordPress plugin JoomSport – for Sports: Team & League, Football, Hockey & more (versions ≤ 5.7.3). It is a Unauthenticated Local File Inclusion via the task parameter, allowing an attacker to include/execute arbitrary PHP files on the server (potential code execution, ...

PT-2025-40476

Name of the Vulnerable Software and Affected Versions JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress versions prior to 5.7.4 Description The JoomSport plugin for WordPress is susceptible to a Local File Inclusion issue through the task parameter. This allows...

CVE-2024-24141

Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter...

CVE-2019-7426

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter...

SourceCodester Online Timesheet App 跨站脚本漏洞

SourceCodester Online Timesheet App is a SourceCodester open source web application built with PHP and MySQL designed to simplify time management and task tracking. A cross-site scripting vulnerability exists in version 1.0 of the SourceCodester Online Timesheet App, which stems from a cross-site...

SourceCodester Task Progress Tracker 安全漏洞

SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester, Inc. A security vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect manipulation of the parameter task that can lead to sql injection...

CVE-2024-24141

Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter...

School Task Manager Security Vulnerability

School Task Manager is a school task manager by rems personal developer. A security vulnerability exists in School Task Manager version 1.0, which is caused by a SQL injection vulnerability in the task parameter...

CVE-2024-24141

Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter...

PT-2024-20293 · Unknown · Sourcecodester School Task Manager

Name of the Vulnerable Software and Affected Versions: Sourcecodester School Task Manager App version 1.0 Description: The issue allows SQL Injection via the task parameter. This could potentially be exploited to extract or modify sensitive data. There is no information provided about the estimat...

CVE-2022-24589

Burden v3.0 was discovered to contain a stored cross-site scripting XSS in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter...

CVE-2019-7425

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter...

Cross site scripting

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter...

Cross site scripting

includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task parameter if users/admin/tasks.php exists...