1842 matches found
CVE-2024-7793
CVE-2024-7793 affects SourceCodester Task Progress Tracker 1.0. A vulnerability in the file /endpoint/add-task.php arises from unsafely handling the task_name parameter, enabling cross-site scripting. The issue is exploitable remotely and has been publicly disclosed. Multiple sources corroborate ...
CVE-2024-7792
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792 SourceCodester Task Progress Tracker delete-task.php sql injection
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792
The CVE-2024-7792 entry relates to SourceCodester Task Progress Tracker 1.0. Affected component: the function handling the task parameter in /endpoint/delete-task.php. Root cause: input manipulation leading to SQL injection. Impact: remote exploitation with potential impact to confidentiality, in...
CVE-2024-7792 SourceCodester Task Progress Tracker delete-task.php sql injection
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
PT-2024-38584 · Unknown · Sourcecodester Task Progress Tracker
Name of the Vulnerable Software and Affected Versions: SourceCodester Task Progress Tracker version 1.0 Description: A critical issue has been found in the software, allowing for SQL injection. The manipulation of the task argument in the /endpoint/delete-task.php file leads to this issue. It is...
SourceCodester Task Progress Tracker 安全漏洞
SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester, Inc. A security vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect manipulation of the parameter task that can lead to sql injection...
SourceCodester Task Progress Tracker 跨站脚本漏洞
SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester. A cross-site scripting vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect operation of the parameter taskname that can lead to a cross-site scripting attack...
PT-2024-38585 · Sourcecodester · Sourcecodester Task Progress Tracker
Name of the Vulnerable Software and Affected Versions: SourceCodester Task Progress Tracker version 1.0 Description: A vulnerability was found in the software, affecting an unknown functionality of the file /endpoint/add-task.php. The manipulation of the task name argument leads to cross-site...
Progress WhatsUp Gold Detection
Binary data progresswhatsupgolddetect.nbin...
Progress WhatsUp Gold File Upload RCE (CVE-2024-4884)
Binary data progresswhatsupgoldcve-2024-4884.nbin...
Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now
A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest. The vulnerability in question is CVE-2024-4885 CVSS score: 9.8, an unauthenticated remote code execution bug impacting version...
Progress WhatsUp Gold < 23.1.3 Multiple Vulnerabilities (000258130)
The version of Progress WhatsUp Gold installed on the remote host is prior to 23.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 000258130 advisory, including: - In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress...
Amazon Linux 2023 : python3-tqdm (ALAS2023-2024-690)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-690 advisory. tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. Th...
Progress MOVEit Transfer < 2023.0.12 / 2023.1 < 2023.1.7 / 2024.0 < 2024.0.3 Privilege Escalation
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3. Note that Nessus has not tested for these issues but has...
Malicious code in md-progress-circular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8452da64b993f8adad40197107a47602421aecb7bc71f7b4fae5560a8429552e The OpenSSF Package Analysis project identified 'md-progress-circular' @ 100000.0.0 npm as malicious. It is considered malicious because: - The...
CVE-2024-6576
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...
CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability
Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...
CVE-2024-6576
CVE-2024-6576 - Progress MOVEit Transfer (SFTP module) : Affected MOVEit Transfer versions include 2023.0.0–2023.0.11, 2023.1.0–2023.1.6, and 2024.0.0–2024.0.2, with a root cause described as an improper authentication vulnerability that can lead to privilege escalation. Remediation per sources: ...