11 matches found
CVE-2023-4987
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
EUVD-2023-54817
Malicious code in bioql PyPI...
Taskhub 2.8.8 Cross Site Scripting
Title: TASKHUB-2.8.8-XSS-Reflected Author: nu11secur1ty Date: 09/22/2023 Vendor: https://codecanyon.net/user/infinitietech Software: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Reference: https://portswigger.net/web-security/cross-site-scripting Description: T...
CVE-2023-4987
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
CVE-2023-4987
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
Sql injection
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
CVE-2023-4987
Infinitietech Taskhub 2.8.7 is affected by a SQL injection in the GET Parameter Handler, specifically in /home/get_tasks_list. The vulnerable GET parameters include project, status, user_id, sort, and search, allowing manipulation that leads to SQL injection. Public references (Exploit-DB) docume...
CVE-2023-4987 infinitietech taskhub GET Parameter get_tasks_list sql injection
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
CVE-2023-4987 infinitietech taskhub GET Parameter get_tasks_list sql injection
A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/gettaskslist of the component GET Parameter Handler. The manipulation of the argument project/status/userid/sort/search leads to...
Infinitietech Taskhub SQL Injection Vulnerability
Infinitietech Taskhub is Infinitietech open source a project management, finance, CRM tools. Infinitietech Taskhub version 2.8.7 SQL injection vulnerability , the vulnerability stems from the component GET Parameter Handler /home/gettaskslist there is an unknown function , through the parameter...
PT-2023-31400 · Infinitietech · Infinitietech Taskhub
Name of the Vulnerable Software and Affected Versions: infinitietech taskhub version 2.8.7 Description: A critical issue has been found in the GET Parameter Handler component, specifically affecting the /home/get tasks list file. The manipulation of the project/status/user id/sort/search argument...