9 matches found
EUVD-2025-28625
Malicious code in bioql PyPI...
CVE-2025-57768
Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours...
CVE-2025-57768
Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours...
CVE-2025-57768 Stored XSS in “hours” fields when creating or editing an issue, using SQLite database
Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours...
CVE-2025-57768 Stored XSS in “hours” fields when creating or editing an issue, using SQLite database
Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours...
CVE-2025-57768
Phproject (versions 1.8.0–1.8.2; fixed in 1.8.3) contains a Stored XSS in the Planned Hours field during project creation. A POST to /issues/new/ echoes the planned_hours value in the HTML without encoding/sanitization, allowing a attacker-supplied payload (e.g., ) to execute in the browser. The ...
CVE-2025-57768 Stored XSS in “hours” fields when creating or editing an issue, using SQLite database
Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours...
Phproject 跨站脚本漏洞
Phproject is a project management system for Alan's personal developers. The system supports issue management, task management and dashboard features. A cross-site scripting vulnerability exists in versions of Phproject prior to 1.8.0 through 1.8.3, which stems from the presence of stored...
PT-2025-34267 · Phproject · Phproject
Name of the Vulnerable Software and Affected Versions: Phproject versions 1.8.0 through 1.8.2 Description: Phproject is a high performance full-featured project management system. A Stored Cross-Site Scripting XSS vulnerability exists in the Planned Hours field when creating a new project. A...