Lucene search
K

4 matches found

0day.today
0day.today
added 2024/02/26 12:0 a.m.344 views

taskhub 2.8.7 - SQL Injection Vulnerability

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth Tested on: Windows...

8CVSS6.6AI score0.00692EPSS
Exploits5
0day.today
0day.today
added 2023/09/19 12:0 a.m.408 views

Taskhub 2.8.7 SQL Injection Vulnerability

Exploit Title: taskhub 2.8.7 - SQL Injection Exploit Author: CraCkEr Vendor: Infinitie Technologies Vendor Homepage: https://www.infinitietech.com/ Software Link: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Demo: https://taskhub.company/auth Tested on: Windows...

8CVSS8AI score0.00692EPSS
Exploits5
Cvelist
Cvelist
added 2023/09/15 2:31 p.m.34 views

CVE-2023-4987 infinitietech taskhub GET Parameter get_tasks_list sql injection

A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...

5.5CVSS8.3AI score0.00692EPSS
Exploits5References3
CVE
CVE
added 2023/09/15 2:31 p.m.55 views

CVE-2023-4987

Infinitietech Taskhub 2.8.7 is affected by a SQL injection in the GET Parameter Handler, specifically in /home/get_tasks_list. The vulnerable GET parameters include project, status, user_id, sort, and search, allowing manipulation that leads to SQL injection. Public references (Exploit-DB) docume...

8CVSS6.7AI score0.00692EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder