2 matches found
PT-2025-4072 · Unknown · 1000 Projects Employee Task Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Employee Task Management System version 1.0
Description: A critical issue affects the Login component of the system, specifically the file /index.php. Manipulation of the email argument leads to SQL injection. This issue can...
GHSA-PGJX-7F9G-9463 Improper handling of email input
Impact: An attacker can pass a compromised input containing malicious HTML to the e-mail sign-in endpoint, tricking the e-mail server into sending it to the user, so they can perform a phishing attack. E.g.: [email protected], Before signing in, claim your money!. This was previously sent to...