Sql injection

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php...

Cross site scripting

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter...

Cross site scripting

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...

Cross site scripting

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter...

Sql injection

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php...

CVE-2022-40030

CVE-2022-40030 affects SourceCodester Simple Task Managing System v1.0. The vulnerability is a SQL injection in the bookId parameter of changeStatus.php. This affects the authentication/authorization boundary and can lead to data disclosure/modification per the CVSS 3.1 metrics (CRITICAL, 9.8) wi...

CVE-2022-40030

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php...

CVE-2022-40030

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php...

CVE-2022-40029

CVE-2022-40029 affects SourceCodester Simple Task Managing System v1.0. A cross-site scripting (XSS) vulnerability exists in the newProjectValidation.php component, exploitable via the shortName parameter to inject arbitrary web scripts/HTML. The linked sources consistently describe the vulnerabi...

CVE-2022-40029

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter...

CVE-2022-40028

CVE-2022-40028 affects SourceCodester Simple Task Managing System v1.0. The issue is a cross-site scripting (XSS) vulnerability in the newProjectValidation.php component, exploitable via a crafted payload in the fullName parameter, enabling arbitrary web scripts/HTML execution. Root cause is insu...

CVE-2022-40028

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...

CVE-2022-40028

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...

CVE-2022-40027

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter...

CVE-2022-40026

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php...

CVE-2022-40026

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php...

CVE-2022-40026

CVE-2022-40026 affects SourceCodester Simple Task Managing System v1.0. A SQL injection vulnerability is exploitable via the bookId parameter in board.php, with a NVD/CVSSv3.1 base score of 7.2 (HIGH) and impacts to confidentiality, integrity, and availability. Root cause is improper input handli...

Simple Task Managing System SQL注入漏洞

Simple Task Managing System is a simple task management system. A security vulnerability exists in version v1.0 of Simple Task Managing System due to an SQL injection vulnerability in the bookId parameter of the changeStatus.php component...

PT-2022-25171 · Sourcecodester · Sourcecodester Simple Task Managing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Task Managing System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the bookId parameter at the "changeStatus.php" endpoint. Recommendations: For...

PT-2022-25170 · Sourcecodester · Sourcecodester Simple Task Managing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Task Managing System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter in the newProjectValidation.php component. Thi...