6042 matches found
CVE-2024-42681
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...
XXL-JOB 安全漏洞
XXL-JOB is a distributed task scheduling platform by the individual developer xuxueli. A security vulnerability exists in XXL-JOB v.2.4.1, which is caused by an arbitrary code execution vulnerability in the Sub-Task component...
CVE-2024-42681
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...
PT-2024-30107 · Xxl-Job · Xxl-Job
Name of the Vulnerable Software and Affected Versions: xxl-job version 2.4.1 Description: The issue allows a remote attacker to execute arbitrary code via the Sub-Task ID component due to insecure permissions. Recommendations: For xxl-job version 2.4.1, consider disabling the Sub-Task ID componen...
CVE-2024-42681
CVE-2024-42681 affects the XXL-JOB platform (xxl-job v2.4.1) where the Sub-Task ID component has insecure permissions that allow a remote attacker to execute arbitrary code. Root cause: improper access control/validation in the Sub-Task ID path. Impact: potential remote code execution with high s...
CVE-2024-7793
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...
CVE-2024-7793
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...
CVE-2024-7793 SourceCodester Task Progress Tracker add-task.php cross site scripting
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...
CVE-2024-7793 SourceCodester Task Progress Tracker add-task.php cross site scripting
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...
CVE-2024-7793
CVE-2024-7793 affects SourceCodester Task Progress Tracker 1.0. A vulnerability in the file /endpoint/add-task.php arises from unsafely handling the task_name parameter, enabling cross-site scripting. The issue is exploitable remotely and has been publicly disclosed. Multiple sources corroborate ...
CVE-2024-7792
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792 SourceCodester Task Progress Tracker delete-task.php sql injection
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792 SourceCodester Task Progress Tracker delete-task.php sql injection
A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...
CVE-2024-7792
The CVE-2024-7792 entry relates to SourceCodester Task Progress Tracker 1.0. Affected component: the function handling the task parameter in /endpoint/delete-task.php. Root cause: input manipulation leading to SQL injection. Impact: remote exploitation with potential impact to confidentiality, in...
PT-2024-38585 · Sourcecodester · Sourcecodester Task Progress Tracker
Name of the Vulnerable Software and Affected Versions: SourceCodester Task Progress Tracker version 1.0 Description: A vulnerability was found in the software, affecting an unknown functionality of the file /endpoint/add-task.php. The manipulation of the task name argument leads to cross-site...
SourceCodester Task Progress Tracker 安全漏洞
SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester, Inc. A security vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect manipulation of the parameter task that can lead to sql injection...
SourceCodester Task Progress Tracker 跨站脚本漏洞
SourceCodester Task Progress Tracker is a task progress tracker from SourceCodester. A cross-site scripting vulnerability exists in SourceCodester Task Progress Tracker version 1.0, which stems from an incorrect operation of the parameter taskname that can lead to a cross-site scripting attack...
PT-2024-38584 · Unknown · Sourcecodester Task Progress Tracker
Name of the Vulnerable Software and Affected Versions: SourceCodester Task Progress Tracker version 1.0 Description: A critical issue has been found in the software, allowing for SQL injection. The manipulation of the task argument in the /endpoint/delete-task.php file leads to this issue. It is...
GHSA-M9Q4-P56M-MC6Q Apache DolphinScheduler: RCE by arbitrary js execution
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. If you are using the switch task plugin, please upgrade to version 3.2.2...