CVE-2024-2570 SourceCodester Employee Task Management System edit-task.php redirect

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /edit-task.php. The manipulation leads to execution after redirect. It is possible to initiate the attack remotely. The exploit has been...

CVE-2024-25219

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php...

PT-2024-20829

Name of the Vulnerable Software and Affected Versions Task Manager App version 1.0 Description A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter in the "/TaskManager/Task.php" API endpoint...

CVE-2024-0483

A vulnerability classified as critical was found in Taokeyun up to 1.0.5. This vulnerability affects the function index of the file application/index/controller/app/Task.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. The attack can be...

CVE-2024-0483 Taokeyun HTTP POST Request Task.php index sql injection

A vulnerability classified as critical was found in Taokeyun up to 1.0.5. This vulnerability affects the function index of the file application/index/controller/app/Task.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. The attack can be...

CVE-2023-5297

A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. Th...

CVE-2023-5297 Xinhu RockOA start backup

A vulnerability was found in Xinhu RockOA 2.3.2. It has been classified as problematic. This affects the function start of the file task.php?m=sys|runt&a=beifen. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to initiate the attack remotely. Th...

Employee Task Management System v1.0 - SQL Injection Vulnerability (2)

Exploit Title: Employee Task Management System v1.0 - SQL Injection on edit-task.php Exploit Author: Muhammad Navaid Zafar Ansari CVE Assigned: CVE-2023-0902 mitre.org, nvd.nist.org Author: Muhammad Navaid Zafar Ansari Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task...

Sql injection

A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack can be initiated remotely. The complexit...

(0Day) Horde Groupware Webmail Edition Task task_alarms Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Task.php. When parsing the taskalarms parameter, the process does not proper...

CVE-2014-8307

Multiple cross-site scripting XSS vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 path parameter in the "drop down TOP menu with path" section or 2 printthispage variable in the footercontentbloc...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in skins/default/outline.tpl in C97net Cart Engine before 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 path parameter in the "drop down TOP menu with path" section or 2 printthispage variable in the footercontentbloc...

Kemana Directory 1.5.6 Local File Inclusion

Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features...

Kemana Directory 1.5.6 - 'task.php' Local File Inclusion

Kemana Directory 1.5.6 run param Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features...

qEngine CMS 6.0.0 (task.php) Local File Inclusion

qEngine CMS 6.0.0 task.php Local File Inclusion Vulnerability Vendor: C97net Product web page: http://www.c97.net Affected version: 6.0.0 and 4.1.6 Summary: qEngine qE is a lightweight, fast, yet feature packed CMS script to help you building your site quickly. Using template engine to separate...

CVE-2005-2430

Multiple cross-site scripting XSS vulnerabilities in GForge 4.5 allow remote attackers to inject arbitrary web script or HTML via the 1 forumid or 2 groupid parameter to forum.php, 3 projecttaskid parameter to task.php, 4 id parameter to detail.php, 5 the text field on the search page, 6 groupid...