Lucene search
K

52 matches found

NVD
NVD
added 2026/05/14 7:16 a.m.74 views

CVE-2026-6225

The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS0.00224EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:13 a.m.7 views

CVE-2024-2934

A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to sql injection. The attack can be launched remotely. Th...

9.8CVSS7.5AI score0.00822EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/16 12:26 a.m.5 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.5CVSS7AI score0.00225EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/15 3:30 p.m.4 views

EUVD-2025-203374

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Uploaded attachments can be served with attacker-controlled Content-Type text/html, allowing execution of attacker-supplied HTML/JS in the application's origin and enabling session/token thef...

6.6AI score0.00317EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/15 3:30 p.m.3 views

EUVD-2025-203373

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authenticated users can update their entire user document beyond profile fields, including orgs/teams and loginDisabled, due to missing server-side authorization checks; this enables privileg...

6.6AI score0.00289EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/15 12:0 a.m.27 views

CVE-2025-65778

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Uploaded attachments can be served with attacker-controlled Content-Type text/html, allowing execution of attacker-supplied HTML/JS in the application's origin and enabling session/token thef...

0.00317EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/15 12:0 a.m.26 views

CVE-2025-65779

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Unauthenticated attackers can update a board's "sort" value Boards.allow returns true without verifying userId, allowing arbitrary reordering of boards...

0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/15 12:0 a.m.4 views

CVE-2025-65782

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Authorization flaw in card update handling allows board members and potentially other authenticated users to add/remove arbitrary user IDs in vote.positive / vote.negative arrays, enabling vo...

6.6AI score0.00225EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/15 12:0 a.m.2 views

CVE-2025-65779

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Unauthenticated attackers can update a board's "sort" value Boards.allow returns true without verifying userId, allowing arbitrary reordering of boards...

6.7AI score0.0027EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.5 views

PT-2025-51218

Name of the Vulnerable Software and Affected Versions Wekan versions prior to 18.16 Description An issue exists in Wekan, an open-source kanban board system, where unauthenticated attackers can modify a board's "sort" value. The Boards.allow function does not verify the user ID, enabling...

7.5CVSS6.6AI score0.0027EPSS
Exploits0References9
OSV
OSV
added 2025/12/15 12:0 a.m.4 views

CVE-2025-65781

An issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Attachment upload API treats the Authorization bearer value as a userId and enters a non-terminating body-handling branch for any non-empty bearer token, enabling trivial application-layer Do...

8.2CVSS6.9AI score0.00294EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-1714

Malware in sbrugna...

5.4CVSS5.5AI score0.0058EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27877

Malicious code in bioql PyPI...

6.1CVSS4.8AI score0.00585EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27876

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00822EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-8072

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00751EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:22 a.m.5 views

CVE-2024-34400

An issue was discovered in VirtoSoftware Virto Kanban Board Web Part before 5.3.5.1 for SharePoint 2019. There is /layouts/15/Virto.KanbanTaskManager/api/KanbanData.ashx LinkTitle2 XSS...

6.1CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:28 a.m.9 views

CVE-2016-10715

The Artezio Kanban Board plugin 1.4 revision 1914 for Atlassian Jira has XSS via the Board Name in a Create New Board action, related to an artezioboard/mainPage.jspa?kanbanId=7/kanban-view URI...

5.4CVSS5.9AI score0.0058EPSS
Exploits0References1
NVD
NVD
added 2024/06/25 9:15 p.m.26 views

CVE-2024-34400

An issue was discovered in VirtoSoftware Virto Kanban Board Web Part before 5.3.5.1 for SharePoint 2019. There is /layouts/15/Virto.KanbanTaskManager/api/KanbanData.ashx LinkTitle2 XSS...

6.1CVSS0.00254EPSS
Exploits0References1
CVE
CVE
added 2024/06/25 12:0 a.m.85 views

CVE-2024-34400

The CVE-2024-34400 entry concerns VirtoSoftware Virto Kanban Board Web Part for SharePoint 2019, affected by a cross-site scripting (XSS) vulnerability in the API endpoint /_layouts/15/Virto.KanbanTaskManager/api/KanbanData.ashx (LinkTitle2) prior to version 5.3.5.1. Root cause details are not ex...

6.1CVSS7AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.5 views

PT-2024-25858 · Virtosoftware +1 · Virto Kanban Board Web Part +1

Name of the Vulnerable Software and Affected Versions: VirtoSoftware Virto Kanban Board Web Part versions prior to 5.3.5.1 for SharePoint 2019 Description: An issue was discovered in the software, specifically with the "/ layouts/15/Virto.KanbanTaskManager/api/KanbanData.ashx" API endpoint, where...

6.1CVSS6.1AI score0.00254EPSS
Exploits0References3
Rows per page
Query Builder