EUVD-2006-1483

Malware in sbrugna...

CVE-2024-41805 Tracks vulnerable to reflected cross-site scripting

Tracks, a Getting Things Done GTD web application, is vulnerable to reflected cross-site scripting in versions prior to 2.7.1. Reflected cross-site scripting enables execution of malicious JavaScript in the context of a user’s browser if that user clicks on a malicious link, allowing phishing...

Chaos Control - GTD To-Do List - Corrupted files, Customized SSL, Dynamic Code Loading vulnerabilities

HackApp vulnerability scanner discovered that application Chaos Control - GTD To-Do List published at the 'play' market has multiple vulnerabilities...

Gravity GTD <= 0.4.5 (rpc.php objectname) LFI/RCE Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl gravity-gtd = 0.4.5 LFI/RCE Vulnerability Script: An open source list manager for tracking action ite...

Gravity GTD rpc.php Malformed objectname Parameter (CVE-2008-5962; CVE-2008-5963)

Gravity GTD is an open source list manager for tracking action items according to the principles of Getting Things Done GTD. There exist multiple vulnerabilities in Gravity GTD. One attack vector could allow remote attackers to conduct directory traversal attacks and possibly read or write...

CVE-2008-5963

Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done GTD 0.4.5 and earlier allows remote attackers to execute arbitrary PHP code via the objectname parameter...

CVE-2008-5962

Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done GTD 0.4.5 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the objectname parameter...

CVE-2008-5963

Gravity GTD (Getting Things Done) up to version 0.4.5 is affected by an eval-injection vulnerability in library/setup/rpc.php that allows remote attackers to execute arbitrary PHP code via the objectname parameter. This CVE (CVE-2008-5963) is rated high by NVD (base score 10.0) with network attac...

CVE-2008-5962

CVE-2008-5962 affects Gravity Getting Things Done (GTD) up to version 0.4.5. The vulnerability is in library/setup/rpc.php, where the objectname parameter can be crafted to trigger a directory traversal, allowing remote attackers to include and execute arbitrary local files. This is a classic loc...

Gravity GTD &lt;= 0.4.5 (rpc.php objectname) LFI/RCE Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl gravity-gtd = 0.4.5 LFI/RCE Vulnerability Script: An open source list manager for tracking actio...

gravitygtd-lfiexec.txt

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl gravity-gtd = 0.4.5 LFI/RCE Vulnerability Script: An open source list manager for tracking action items according to the principles...

Gravity GTD 0.4.5 - Local File Inclusion Remote Code Execution

Gravity GTD 0.4.5 - Local File Inclusion Remote Code Execution :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl gravity-gtd = 0.4.5 LFI/RCE Vulnerability Script: An open source lis...

Gravity GTD <= 0.4.5 (rpc.php objectname) LFI/RCE Vulnerability

Exploit for unknown platform in category web applications =============================================================== Gravity GTD = 0.4.5 rpc.php objectname LFI/RCE Vulnerability =============================================================== :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;;...

Gravity GTD 0.4.5 - Local File Inclusion / Remote Code Execution

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl gravity-gtd = 0.4.5 LFI/RCE Vulnerability Script: An open source list manager for tracking action items according to the principles...

[SA19512] gtd-php Cross-Site Scripting and Script Insertion Vulnerabilities

TITLE: gtd-php Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA19512 VERIFY ADVISORY: http://secunia.com/advisories/19512/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: gtd-php 0.x http://secunia.com/product/9122/...

CVE-2006-1479

Multiple cross-site scripting XSS vulnerabilities in Serge Rey gtd-php aka Getting Things Done 0.5 allow remote attackers to inject arbitrary web script or HTML via the Description field in 1 newProject.php, 2 newList.php, and 3 newWaitingOn.php; the Title field in 4 newProject.php, 5 newList.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Serge Rey gtd-php aka Getting Things Done 0.5 allow remote attackers to inject arbitrary web script or HTML via the Description field in 1 newProject.php, 2 newList.php, and 3 newWaitingOn.php; the Title field in 4 newProject.php, 5 newList.php...

CVE-2006-1479

CVE-2006-1479 pertains to multiple XSS vulnerabilities in Serge Rey’s gtd-php (Getting Things Done) 0.5. The affected components are user-input fields across several PHP scripts: newProject.php, newList.php, newWaitingOn.php (Descriptions); newProject.php, newList.php, newWaitingOn.php, newCheckl...