Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-47882

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.004EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-47881

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.0041EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:12 a.m.8 views

CVE-2022-44290

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...

9.8CVSS8.2AI score0.03616EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.10 views

CVE-2022-44957

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.4CVSS6AI score0.01037EPSS
Exploits1References1
NVD
NVD
added 2022/12/02 8:15 p.m.23 views

CVE-2022-44960

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field...

5.4CVSS0.004EPSS
Exploits1References1
NVD
NVD
added 2022/12/02 8:15 p.m.20 views

CVE-2022-44955

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

5.4CVSS0.004EPSS
Exploits1References1
NVD
NVD
added 2022/12/02 8:15 p.m.24 views

CVE-2022-44954

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add"...

5.4CVSS0.0041EPSS
Exploits1References1
NVD
NVD
added 2022/12/02 8:15 p.m.21 views

CVE-2022-44290

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...

9.8CVSS0.03616EPSS
Exploits1References1
NVD
NVD
added 2022/12/02 8:15 p.m.19 views

CVE-2022-44291

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php...

9.8CVSS0.03616EPSS
Exploits1References1
Prion
Prion
added 2022/12/02 8:15 p.m.11 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add"...

4.9CVSS5.3AI score0.0041EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.13 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add"...

4.9CVSS5.3AI score0.0041EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.9 views

Sql injection

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...

7.5CVSS9.7AI score0.03616EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.21 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

4.9CVSS5.3AI score0.004EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.13 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field...

4.9CVSS5.3AI score0.004EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.13 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

4.9CVSS5.3AI score0.0041EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.17 views

Sql injection

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php...

7.5CVSS9.7AI score0.03616EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/02 12:0 a.m.5 views

PT-2022-27355 · Webtareas · Webtareas

Name of the Vulnerable Software and Affected Versions: webtareas version 2.4p5 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field in the Chat function. This enables the execution of malicious code, potentially...

5.4CVSS5.5AI score0.004EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/12/02 12:0 a.m.28 views

CVE-2022-44955

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

5.5AI score0.004EPSS
Exploits1References1
CVE
CVE
added 2022/12/02 12:0 a.m.66 views

CVE-2022-44290

WebTareas 2.4p5 contains a SQL injection in deleteapprovalstages.php via the id parameter. Nuclei details describe an authenticated time-based blind SQL injection that can extract sensitive data (tasks, user credentials, projects). CVSS v3.1 base score 9.8 (CRITICAL). Remediation guidance: upgrad...

9.8CVSS9.8AI score0.03616EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/12/02 12:0 a.m.25 views

CVE-2022-44290

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php...

10AI score0.03616EPSS
Exploits1References1
Rows per page
Query Builder