Lucene search
K

6042 matches found

OSV
OSV
added 2024/08/15 5:15 p.m.13 views

CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

8.8CVSS8.1AI score
Exploits0References1
CNNVD
CNNVD
added 2024/08/15 12:0 a.m.3 views

XXL-JOB 安全漏洞

XXL-JOB is a distributed task scheduling platform by the individual developer xuxueli. A security vulnerability exists in XXL-JOB v.2.4.1, which is caused by an arbitrary code execution vulnerability in the Sub-Task component...

8.8CVSS7.5AI score0.00886EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/15 12:0 a.m.15 views

CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

7.8AI score0.00886EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.3 views

PT-2024-30107 · Xxl-Job · Xxl-Job

Name of the Vulnerable Software and Affected Versions: xxl-job version 2.4.1 Description: The issue allows a remote attacker to execute arbitrary code via the Sub-Task ID component due to insecure permissions. Recommendations: For xxl-job version 2.4.1, consider disabling the Sub-Task ID componen...

8.8CVSS8.6AI score0.00886EPSS
Exploits1References10
CVE
CVE
added 2024/08/15 12:0 a.m.76 views

CVE-2024-42681

CVE-2024-42681 affects the XXL-JOB platform (xxl-job v2.4.1) where the Sub-Task ID component has insecure permissions that allow a remote attacker to execute arbitrary code. Root cause: improper access control/validation in the Sub-Task ID path. Impact: potential remote code execution with high s...

8.8CVSS8.1AI score0.00886EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/08/14 9:15 p.m.3 views

CVE-2024-7793

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...

5.4CVSS3.8AI score0.00422EPSS
Exploits1References4
NVD
NVD
added 2024/08/14 9:15 p.m.25 views

CVE-2024-7793

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...

5.4CVSS0.00422EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/14 9:0 p.m.59 views

CVE-2024-7793 SourceCodester Task Progress Tracker add-task.php cross site scripting

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...

5.3CVSS0.00422EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/14 9:0 p.m.16 views

CVE-2024-7793 SourceCodester Task Progress Tracker add-task.php cross site scripting

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...

5.3CVSS6.2AI score0.00422EPSS
Exploits1References4
CVE
CVE
added 2024/08/14 9:0 p.m.58 views

CVE-2024-7793

CVE-2024-7793 affects SourceCodester Task Progress Tracker 1.0. A vulnerability in the file /endpoint/add-task.php arises from unsafely handling the task_name parameter, enabling cross-site scripting. The issue is exploitable remotely and has been publicly disclosed. Multiple sources corroborate ...

5.4CVSS3.9AI score0.00422EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/08/14 7:15 p.m.23 views

CVE-2024-7792

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...

8.8CVSS0.00573EPSS
Exploits1References4
OSV
OSV
added 2024/08/14 7:15 p.m.2 views

CVE-2024-7792

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...

8.8CVSS5.8AI score0.00573EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/14 6:31 p.m.13 views

CVE-2024-7792 SourceCodester Task Progress Tracker delete-task.php sql injection

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.8AI score0.00573EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/14 6:31 p.m.28 views

CVE-2024-7792 SourceCodester Task Progress Tracker delete-task.php sql injection

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS0.00573EPSS
Exploits1References4
CVE
CVE
added 2024/08/14 6:31 p.m.46 views

CVE-2024-7792

The CVE-2024-7792 entry relates to SourceCodester Task Progress Tracker 1.0. Affected component: the function handling the task parameter in /endpoint/delete-task.php. Root cause: input manipulation leading to SQL injection. Impact: remote exploitation with potential impact to confidentiality, in...

8.8CVSS6.8AI score0.00573EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.7 views

PT-2024-38585 · Sourcecodester · Sourcecodester Task Progress Tracker

Name of the Vulnerable Software and Affected Versions: SourceCodester Task Progress Tracker version 1.0 Description: A vulnerability was found in the software, affecting an unknown functionality of the file /endpoint/add-task.php. The manipulation of the task name argument leads to cross-site...

5.4CVSS4.2AI score0.00422EPSS
Exploits1References9
CNNVD
CNNVD
added 2024/08/14 12:0 a.m.4 views

SourceCodester Task Progress Tracker 安全漏洞

SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester, Inc. A security vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect manipulation of the parameter task that can lead to sql injection...

8.8CVSS6.8AI score0.00573EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/14 12:0 a.m.4 views

SourceCodester Task Progress Tracker 跨站脚本漏洞

SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester. A cross-site scripting vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect operation of the parameter taskname that can lead to a cross-site scripting attack...

5.4CVSS4.5AI score0.00422EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.5 views

PT-2024-38584 · Unknown · Sourcecodester Task Progress Tracker

Name of the Vulnerable Software and Affected Versions: SourceCodester Task Progress Tracker version 1.0 Description: A critical issue has been found in the software, allowing for SQL injection. The manipulation of the task argument in the /endpoint/delete-task.php file leads to this issue. It is...

8.8CVSS7.3AI score0.00573EPSS
Exploits1References11
OSV
OSV
added 2024/08/12 3:30 p.m.14 views

GHSA-M9Q4-P56M-MC6Q Apache DolphinScheduler: RCE by arbitrary js execution

Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. If you are using the switch task plugin, please upgrade to version 3.2.2...

8.8CVSS8.6AI score0.01175EPSS
Exploits0References4
Rows per page
Query Builder