
35 matches found

ATTACKERKB
added 3 days ago, 6 views

CVE-2026-10285

A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/Helpers/KanbanScrumHelper.php of the component Ticket Handler. The manipulation leads to improper authorization. The attack i...

5.5 CVSS, 5.4 AI score, 0.00043 EPSS
Exploits: 0, References: 7
CVE
added 3 days ago, 7 views

CVE-2026-10285

The CVE-2026-10285 affects DevaslanPHP project-management (up to 2.0.0-beta1). The issue lies in KanbanScrumHelper::recordUpdated (file app/Helpers/KanbanScrumHelper.php) where manipulation leads to improper authorization, enabling a remote attack. The available sources do not specify exploit vec...

5.5 CVSS, 5.4 AI score, 0.00043 EPSS
Exploits: 0, References: 6
Positive Technologies
added 3 days ago, 7 views

PT-2026-45550

A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/Helpers/KanbanScrumHelper.php of the component Ticket Handler. The manipulation leads to improper authorization. The attack i...

5.5 CVSS, 5.4 AI score, 0.00043 EPSS
Exploits: 0, References: 7
NVD
added 2025/10/27 8:15 a.m., 2 views

CVE-2025-12249

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...

6.5 CVSS, 0.00042 EPSS
Exploits: 0, References: 4
Cvelist
added 2025/10/27 8:2 a.m., 5 views

CVE-2025-12249 Axosoft Scrum and Bug Tracking Edit Ticket csv injection

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...

6.5 CVSS, 0.00042 EPSS
Exploits: 0, References: 4
EUVD
added 2025/10/27 8:2 a.m., 3 views

EUVD-2025-36134

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...

6.5 CVSS, 6.3 AI score, 0.00042 EPSS
Exploits: 0, References: 5
Vulnrichment
added 2025/10/27 8:2 a.m., 3 views

CVE-2025-12249 Axosoft Scrum and Bug Tracking Edit Ticket csv injection

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. The impacted element is an unknown function of the component Edit Ticket Page. Performing manipulation of the argument Title results in csv injection. It is possible to initiate the attack remotely. The exploit is now...

6.5 CVSS, 6.4 AI score, 0.00042 EPSS
Exploits: 0, References: 4
CVE
added 2025/10/27 8:2 a.m., 6 views

CVE-2025-12249

CVE-2025-12249 affects Axosoft Scrum and Bug Tracking 22.1.1.11545. The vulnerability lies in the Edit Ticket Page component where manipulating the Title argument enables CSV injection. Exploitation can be remote and the exploit is publicly available. Vendor has not responded. No public informati...

6.5 CVSS, 6.4 AI score, 0.00042 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2025/10/27 12:0 a.m., 2 views

PT-2025-43906

Name of the Vulnerable Software and Affected Versions Axosoft Scrum and Bug Tracking version 22.1.1.11545 Description A flaw exists in Axosoft Scrum and Bug Tracking that allows for CSV injection. The issue is located in the Edit Ticket Page component, specifically through manipulation of the Tit...

6.5 CVSS, 6.1 AI score, 0.00042 EPSS
Exploits: 0, References: 7
RedhatCVE
added 2025/10/07 6:9 a.m., 4 views

CVE-2025-11279

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...

6.5 CVSS, 6.8 AI score, 0.00034 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/05 3:30 a.m., 2 views

EUVD-2025-32441

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...

6.5 CVSS, 6.4 AI score, 0.00034 EPSS
Exploits: 0, References: 5
NVD
added 2025/10/05 3:15 a.m., 4 views

CVE-2025-11279

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...

6.5 CVSS, 0.00034 EPSS
Exploits: 0, References: 4
Cvelist
added 2025/10/05 3:2 a.m., 8 views

CVE-2025-11279 Axosoft Scrum and Bug Tracking Add Work Item csv injection

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...

6.5 CVSS, 0.00034 EPSS
Exploits: 0, References: 4
CVE
added 2025/10/05 3:2 a.m., 8 views

CVE-2025-11279

The CVE-2025-11279 entry concerns Axosoft Scrum and Bug Tracking 22.1.1.11545. The vulnerability affects the Add Work Item Page, where manipulation of the Title argument leads to a CSV injection. It is a network-accessible issue with low privileges and low impact on confidentiality, integrity, an...

6.5 CVSS, 6.6 AI score, 0.00034 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2025/10/05 3:2 a.m., 2 views

CVE-2025-11279 Axosoft Scrum and Bug Tracking Add Work Item csv injection

A vulnerability was detected in Axosoft Scrum and Bug Tracking 22.1.1.11545. This issue affects some unknown processing of the component Add Work Item Page. The manipulation of the argument Title results in csv injection. The attack can be launched remotely. The exploit is now public and may be...

6.5 CVSS, 5.5 AI score, 0.00034 EPSS
Exploits: 0, References: 4
CNNVD
added 2025/10/05 12:0 a.m., 3 views

Axosoft Scrum and Bug Tracking Security Vulnerability

Axosoft Scrum and Bug Tracking is an Agile project management and defect tracking software from Axosoft Corporation, USA. A security vulnerability exists in Axosoft Scrum and Bug Tracking version 22.1.1.11545, which stems from an incorrect manipulation of the parameter Title in the Add Work Item...

6.5 CVSS, 5.6 AI score, 0.00034 EPSS
Exploits: 0, References: 4
Positive Technologies
added 2025/10/05 12:0 a.m., 3 views

PT-2025-40789

Name of the Vulnerable Software and Affected Versions Axosoft Scrum and Bug Tracking version 22.1.1.11545 Description A CSV injection issue exists in Axosoft Scrum and Bug Tracking version 22.1.1.11545, specifically within the Add Work Item Page component. The Title argument is susceptible to...

6.5 CVSS, 5.4 AI score, 0.00034 EPSS
Exploits: 0, References: 9
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-25026

Malicious code in bioql PyPI...

9.8 CVSS, 6.4 AI score, 0.00255 EPSS
Exploits: 0, References: 5
RedhatCVE
added 2025/08/17 3:24 p.m., 7 views

CVE-2025-54466

Improper Control of Generation of Code 'Code Injection' vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used. Even unauthenticated attackers can exploit this vulnerability. Users are recommended t...

9.8 CVSS, 7.4 AI score, 0.00255 EPSS
Exploits: 0, References: 1
NVD
added 2025/08/15 3:15 p.m., 2 views

CVE-2025-54466

Improper Control of Generation of Code 'Code Injection' vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used. Even unauthenticated attackers can exploit this vulnerability. Users are recommended t...

9.8 CVSS, 0.00255 EPSS
Exploits: 0, References: 6