6033 matches found
PT-2024-21413 · Unknown · School Task Manager
Name of the Vulnerable Software and Affected Versions: School Task Manager version 1.0 Description: A SQL Injection issue allows a remote attacker to obtain sensitive information via a crafted payload to the "delete-task.php" component. This enables unauthorized access to data. Recommendations: F...
CVE-2023-46241
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
Design/Logic Flaw
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform
discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android that stems from a logic error in the code of the startNextMatchingActivity method of the ActivityTaskManagerService.java file, with a possible way ...
CVE-2023-51787
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
Memory corruption
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
Wind River VxWorks Security Vulnerability
Wind River VxWorks is an operating system from Wind River Systems, Inc. the industry-leading real-time operating system for building embedded devices and systems. A security vulnerability exists in Wind River VxWorks 7 version 22.09, version 23.03, which stems from a memory leak that does not fre...
CVE-2024-25220
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php...
CVE-2024-25221
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...
CVE-2024-25222
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php...
CVE-2024-25218
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php...
CVE-2024-25220
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php...
CVE-2024-25222
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php...
CVE-2024-25221
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...
CVE-2024-25218
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php...
CVE-2024-25219
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php...
CVE-2024-25219
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php...
Cross site scripting
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...