
62 matches found

RedhatCVE
added 2025/11/11 12:11 a.m. | 7 views

CVE-2025-63709

A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

CVSS: 5.4 | AI score: 5.9 | EPSS: 0.00037
Exploits: 1 | References: 1

EUVD
added 2025/11/10 3:31 p.m. | 1 view

EUVD-2025-44059

A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

AI score: 5.3 | EPSS: 0.00037
Exploits: 1 | References: 3

OSV
added 2025/11/10 3:15 p.m. | 2 views

CVE-2025-63709

A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00037
Exploits: 1 | References: 2

CVE
added 2025/11/10 12:0 a.m. | 7 views

CVE-2025-63709

CVE-2025-63709 is a stored XSS in SourceCodester Simple To-Do List System 1.0, occurring in the Add Tasks input. An authenticated user can submit HTML/JS not properly sanitized, with the injected script stored and later rendered for other users, enabling arbitrary script execution in the victim’s...

CVSS: 5.4 | AI score: 5.4 | EPSS: 0.00037
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2025/11/10 12:0 a.m. | 5 views

CVE-2025-63709

A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Simple To-Do List System 1.0 in the "Add Tasks" text input. An authenticated user can submit HTML/JavaScript that is not correctly sanitized or encoded on output. The injected script is stored and later rendered in the browser of a...

EPSS: 0.00037
Exploits: 1 | References: 2

Positive Technologies
added 2025/11/10 12:0 a.m. | 3 views

PT-2025-46165

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple To-Do List System version 1.0. Description: A Cross-Site Scripting (XSS) issue exists in the "Add Tasks" text input. An authenticated user can submit HTML or JavaScript that is not properly sanitized or encoded before being...

AI score: 6 | EPSS: 0.00037
Exploits: 1 | References: 5

Vulnrichment
added 2025/11/07 12:0 a.m. | 2 views

CVE-2025-63638

Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Task Title" and "Description (Optional)" fields when creating a Task, allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicki...

AI score: 5.9 | EPSS: 0.00041
Exploits: 1 | References: 2

CNNVD
added 2025/11/07 12:0 a.m. | 2 views

SourceCodester AI-Powered To-Do List App security vulnerability

SourceCodester AI-Powered To-Do List App is an open-source, artificial-intelligence-based to-do list app from SourceCodester. A security vulnerability exists in SourceCodester AI-Powered To-Do List App v1.0, which stems from the Task Title and Description (Optional) fields not adequately validating...

CVSS: 6.1 | AI score: 6 | EPSS: 0.00041
Exploits: 1 | References: 2

CVE
added 2025/11/07 12:0 a.m. | 7 views

CVE-2025-63638

The CVE-2025-63638 entry corresponds to a Cross-Site Scripting (XSS) vulnerability in Sourcecodester AI-Powered To-Do List App v1.0. According to multiple sources (NVD, Red Hat, ENISA/EUVD, CVE/CVEList, CNNVD), the flaw affects the Task Title and the Description (Optional) fields when creating a ...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00041
Exploits: 1 | References: 2 | Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2024-35481

Malicious code in bioql PyPI...

CVSS: 8.8 | AI score: 6.5 | EPSS: 0.0022
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-13346

Malicious code in bioql PyPI...

CVSS: 9.8 | AI score: 6.6 | EPSS: 0.00197
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2024-29272

Malicious code in bioql PyPI...

CVSS: 4.3 | AI score: 6.5 | EPSS: 0.00218
Exploits: 0 | References: 1

OSV
added 2025/09/09 2:15 a.m. | 2 views

CVE-2025-10117

A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetchtasks.php of the component Add New Task. Executing manipulation with the input alert'XSS' can lead to cross site scripting. The attack can be executed remotely. The...

CVSS: 5.4 | AI score: 4.2
Exploits: 0 | References: 5

NVD
added 2025/09/09 2:15 a.m. | 2 views

CVE-2025-10117

A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetchtasks.php of the component Add New Task. Executing manipulation with the input alert'XSS' can lead to cross site scripting. The attack can be executed remotely. The...

CVSS: 5.4 | EPSS: 0.00046
Exploits: 1 | References: 5

Vulnrichment
added 2025/09/09 1:2 a.m. | 1 view

CVE-2025-10117 SourceCodester Simple To-Do List System Add New Task fetch_tasks.php cross site scripting

A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetchtasks.php of the component Add New Task. Executing manipulation with the input alert'XSS' can lead to cross site scripting. The attack can be executed remotely. The...

CVSS: 5.1 | AI score: 5.4 | EPSS: 0.00046
Exploits: 1 | References: 5

CVE
added 2025/09/09 1:2 a.m. | 10 views

CVE-2025-10117

CVE-2025-10117 affects SourceCodester Simple To-Do List System 1.0. The vulnerability is in the Add New Task workflow, specifically the /fetch_tasks.php function, where input manipulation (e.g., ) can trigger a cross-site scripting attack. It is exploitable remotely and the exploit has been publi...

CVSS: 5.4 | AI score: 3.9 | EPSS: 0.00046
Exploits: 1 | References: 5 | Affected Software: 1

Positive Technologies
added 2025/09/09 12:0 a.m. | 3 views

PT-2025-36539

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple To-Do List System version 1.0. Description: A weakness exists in SourceCodester Simple To-Do List System that allows for cross site scripting. The issue is located in the /fetch tasks.php file, within the Add New Task...

CVSS: 5.4 | AI score: 3.5 | EPSS: 0.00046
Exploits: 1 | References: 8

CNNVD
added 2025/09/09 12:0 a.m. | 1 view

SourceCodester Simple To-Do List System code injection vulnerability

SourceCodester Simple To-Do List System is a simple open-source to-do list system from SourceCodester. A code injection vulnerability exists in SourceCodester Simple To-Do List System version 1.0, which originates from a cross-site scripting attack due to incorrect manipulation of the file...

CVSS: 5.4 | AI score: 4.8 | EPSS: 0.00046
Exploits: 1 | References: 5

RedhatCVE
added 2025/05/23 10:14 a.m. | 4 views

CVE-2024-31376

Cross-Site Request Forgery (CSRF) vulnerability in Andrew Dashboard To-Do List dashboard-to-do-list. This issue affects Dashboard To-Do List: from n/a through = 1.3.1...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.00218
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 8:40 a.m. | 4 views

CVE-2024-35723

Missing Authorization vulnerability in Andrew Dashboard To-Do List dashboard-to-do-list. This issue affects Dashboard To-Do List: from n/a through = 1.2.0...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.0022
Exploits: 0 | References: 1