CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

EUVD-2026-13730

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

PT-2026-26643

CVE-2026-29828 DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/id page via the input field projectDesc. https://t.co/IdJyEMWfTe...

CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

CVE-2026-29828

CVE-2026-29828 affects DooTask v1.6.27 with a Cross-Site Scripting (XSS) vulnerability on the /manage/project/ page via the projectDesc input. The root cause and vulnerable component are described across multiple sources as an XSS in the manage/project interface; no explicit exploit details or re...

CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

DooTask 安全漏洞

DooTask is a task management tool developed by Kuaifan’s individual developers. Version 1.6.27 of DooTask contains a security vulnerability. This vulnerability stems from improper handling of the projectDesc input field in the /manage/project/ page, which may lead to cross-site scripting attacks...

CVE-2026-29828

DooTask v1.6.27 has a Cross-Site Scripting XSS vulnerability in the /manage/project/ page via the input field projectDesc...

CVE-2024-34906

An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary code via uploading a crafted PDF file...

EUVD-2024-35105

Malicious code in bioql PyPI...

EUVD-2025-28589

Malicious code in bioql PyPI...

EUVD-2025-25703

Malicious code in bioql PyPI...

EUVD-2025-30373

Malicious code in bioql PyPI...

CVE-2025-10762

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keysdepartment results in sql injection. The attack can be executed remotely. The exploi...

CVE-2025-10762

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keysdepartment results in sql injection. The attack can be executed remotely. The exploi...

CVE-2025-10762 kuaifan DooTask UsersController.php sql injection

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keysdepartment results in sql injection. The attack can be executed remotely. The exploi...

CVE-2025-10762 kuaifan DooTask UsersController.php sql injection

A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keysdepartment results in sql injection. The attack can be executed remotely. The exploi...

DooTask SQL注入漏洞

DooTask is a task management tool for kuaifan individual developers. A SQL injection vulnerability exists in DooTask 1.2.49 and earlier versions, which stems from incorrect manipulation of the parameter keysdepartment in the file app/Http/Controllers/Api/UsersController.php, which could lead to a...

CVE-2025-55455

DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via the component /msg/sendtext...