6033 matches found
CVE-2025-0847
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0847
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0846
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-0846
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The...
CVE-2025-0847 1000 Projects Employee Task Management System Login index.php sql injection
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0847 1000 Projects Employee Task Management System Login index.php sql injection
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be initiated...
CVE-2025-0847
The CVE-2025-0847 entry concerns 1000 Projects Employee Task Management System 1.0. The vulnerability resides in the Login component, specifically the /index.php file, where manipulating the email parameter enables SQL injection. This can be exploited remotely, and public exploitation is indicate...
CVE-2025-0846
The CVE-2025-0846 vulnerability affects 1000 Projects Employee Task Management System v1.0, specifically in /admin/AdminLogin.php where the email parameter is susceptible to SQL injection. Attackers can remotely exploit this flaw, and public disclosures exist. Multiple feeds (NVD, Red Hat, CVE re...
1000 Projects Employee Task Management System SQL注入漏洞
1000 Projects Employee Task Management System is an open source employee task management system from 1000 Projects. A SQL injection vulnerability exists in 1000 Projects Employee Task Management System version 1.0, which is caused by SQL injection due to parameter email...
sched/numa: Fix the potential null pointer dereference in task_numa_work()
...
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been ongoing since at least July 2024 specifically targeting users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a...
Malicious code in nord-security-task (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42ffe2bd7d3ef7fd741f0a023ccfc4b06f7d44240710724da3048ed61dc1e7e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-23725
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pshikli Accessibility Task Manager accessibility-task-manager allows Reflected XSS.This issue affects Accessibility Task Manager: from n/a through = 1.2.1...
CVE-2025-23725 WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pshikli Accessibility Task Manager accessibility-task-manager allows Reflected XSS.This issue affects Accessibility Task Manager: from n/a through = 1.2.1...
CVE-2025-23725
CVE-2025-23725 : An XSS flaw in Accessibility Task Manager, described as "Improper Neutralization of Input During Web Page Generation (XSS)". The Red Hat and NVD entries confirm a Reflected XSS affecting Accessibility Task Manager versions up to 1.2.1 (exact affected range shown as from n/a throu...
CVE-2025-23725 WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pshikli Accessibility Task Manager accessibility-task-manager allows Reflected XSS.This issue affects Accessibility Task Manager: from n/a through = 1.2.1...
WordPress plugin Accessibility Task Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-5052 · Unknown · Taskmeister Accessibility Task Manager
Name of the Vulnerable Software and Affected Versions: TaskMeister Accessibility Task Manager versions 1.2.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious script...
SUSE CVE-2025-21662
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmdallocindex, fails cmdworkhandler needs to complete ent-slotted before returning early. Otherwise the task which issued the command may hang: mlx5core...
VulnCheck KEV: CVE-2024-32739
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptaskverbose" function within MCUDBHelper...