
5963 matches found

CNNVD
added 2021/02/01 12:0 a.m. · 3 views

HashiCorp Nomad and Nomad Enterprise up to Security Breach

HashiCorp Nomad and HashiCorp Nomad Enterprise are both products of HashiCorp, Inc. HashiCorp Nomad is a distributed, data center-aware cluster and application scheduler. It supports the deployment of microservices, batch, containerized and non-containerized applications. HashiCorp Nomad Enterprise...

7.5 CVSS · 7.1 AI score · 0.00318 EPSS
Exploits 0 · References 2

Positive Technologies
added 2021/02/01 12:0 a.m. · 2 views

PT-2021-19961 · Hashicorp · Nomad Enterprise +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions prior to 0.12.10; HashiCorp Nomad and Nomad Enterprise versions prior to 1.0.3. Description: The issue is related to improper privilege management, allowing exec and java task drivers to access...

7.5 CVSS · 7.2 AI score · 0.00318 EPSS
Exploits 0 · References 10

Veracode
added 2021/01/28 5:2 a.m. · 15 views

SQL Injection

spring-cloud-task-core is vulnerable to SQL injection. Lack of validation of the value that is passed via a PageRequest into the JdbcTaskExecutionDao potentially allows for execution of arbitrary SQL statements...

6 CVSS · 5.5 AI score · 0.00277 EPSS
Exploits 0 · References 2 · Affected Software 1

NVD
added 2021/01/27 6:15 p.m. · 7 views

CVE-2020-5427

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5 and versions 2.5.x prior to 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

7.2 CVSS · 6.6 AI score · 0.01047 EPSS
Exploits 0 · References 1

OSV
added 2021/01/27 6:15 p.m. · 18 views

CVE-2020-5427

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5 and versions 2.5.x prior to 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

7.2 CVSS · 7.9 AI score · 0.01047 EPSS
Exploits 0 · References 1

OSV
added 2021/01/27 6:15 p.m. · 17 views

CVE-2020-5428

Applications using Spring Cloud Task 2.2.4.RELEASE and below may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer...

6 CVSS · 7.8 AI score · 0.00277 EPSS
Exploits 0 · References 1

Prion
added 2021/01/27 6:15 p.m. · 10 views

SQL injection

In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5 and versions 2.5.x prior to 2.5.4, an application is vulnerable to SQL injection when requesting task execution...

6.5 CVSS · 7.3 AI score · 0.01047 EPSS
Exploits 0 · References 1 · Affected Software 1

Prion
added 2021/01/27 6:15 p.m. · 7 views

SQL injection

Applications using Spring Cloud Task 2.2.4.RELEASE and below may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer...

6.5 CVSS · 6.3 AI score · 0.00277 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2021/01/27 5:30 p.m. · 14 views

CVE-2020-5428 Possibility of SQL Injection in Spring Cloud Task Execution Sorting Query

Applications using Spring Cloud Task 2.2.4.RELEASE and below may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer...

5.1 CVSS · 6.3 AI score · 0.00277 EPSS
Exploits 0 · References 1

CVE
added 2021/01/27 5:30 p.m. · 58 views

CVE-2020-5428

Summary: CVE-2020-5428 affects Spring Cloud Task 2.2.4.RELEASE and earlier, with a reported SQL injection in the TaskExplorer lookup queries. The root cause is described as insufficient input validation in the PageRequest value used by JdbcTaskExecutionDao, potentially allowing arbitrary SQL exec...

6.5 CVSS · 5.9 AI score · 0.00277 EPSS
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2021/01/27 12:0 a.m. · 4 views

VMware Spring Cloud Task Application Starters SQL Injection Vulnerability

VMware Spring Cloud Task Application Starters is a codebase for managing and executing scheduled tasks from VMware USA. The application runs as a standalone Spring Boot application and supports operations such as database migration, machine learning, and scheduled... A SQL injection vulnerability...

6.5 CVSS · 6.1 AI score · 0.00277 EPSS
Exploits 0 · References 2

Positive Technologies
added 2021/01/27 12:0 a.m. · 3 views

PT-2021-12401 · Spring · Spring Cloud Data Flow

Name of the Vulnerable Software and Affected Versions: Spring Cloud Data Flow versions 2.5.x prior to 2.5.4; Spring Cloud Data Flow versions 2.6.x prior to 2.6.5. Description: The application is vulnerable to SQL injection when requesting task execution. Recommendations: For versions 2.5.x prior to...

7.2 CVSS · 6.3 AI score · 0.01047 EPSS
Exploits 0 · References 6

OSV
added 2021/01/20 4:15 p.m. · 1 views

CVE-2020-35272

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields...

4.8 CVSS · 5.8 AI score
Exploits 0 · References 1

NVD
added 2021/01/20 4:15 p.m. · 9 views

CVE-2020-35272

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields...

4.8 CVSS · 5.1 AI score · 0.00207 EPSS
Exploits 1 · References 1

CNNVD
added 2021/01/20 12:0 a.m. · 2 views

SourceCodester Employee Performance Evaluation System Cross-Site Scripting Vulnerability

SourceCodester Employee Performance Evaluation System is a PHP-based website builder for employee performance management from SourceCodester, Inc. A cross-site scripting vulnerability exists in Employee Performance Evaluation System that originates in the Task and Description fields of the...

4.8 CVSS · 5.7 AI score · 0.00207 EPSS
Exploits 1 · References 2

CNVD
added 2021/01/13 12:0 a.m. · 1 views

OX App Suite Cross-Site Scripting Vulnerability (CNVD-2021-03047)

OX App Suite is a modular platform designed for telcos, hosting companies and vendors to deliver a wide range of cloud-based services. A cross-site scripting vulnerability exists in OX App Suite 7.10.4. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via a task...

6.1 CVSS · 6.2 AI score · 0.00174 EPSS
Exploits 0 · References 1

NVD
added 2021/01/12 10:15 p.m. · 16 views

CVE-2021-23936

OX App Suite through 7.10.4 allows XSS via the subject of a task...

6.1 CVSS · 6 AI score · 0.00174 EPSS
Exploits 0 · References 1

Prion
added 2021/01/12 10:15 p.m. · 11 views

Design/Logic Flaw

OX App Suite through 7.10.4 allows XSS via the subject of a task...

4.3 CVSS · 6 AI score · 0.00174 EPSS
Exploits 0 · References 1 · Affected Software 1

CVE
added 2021/01/12 9:25 p.m. · 47 views

CVE-2021-23936

OX App Suite (affected up to version 7.10.4) contains a cross-site scripting vulnerability that can be triggered via the subject of a task. The issue is documented under CVE-2021-23936 and is corroborated by multiple sources in the connected documents (CNVD/CVE entries, Red Hat advisory, CVE list...

6.1 CVSS · 6 AI score · 0.00174 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2021/01/12 9:25 p.m. · 14 views

CVE-2021-23936

OX App Suite through 7.10.4 allows XSS via the subject of a task...

6.2 AI score · 0.00174 EPSS
Exploits 0 · References 1