PT-2022-25169 · Sourcecodester · Sourcecodester Simple Task Managing System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Task Managing System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter in the newProjectValidation.php component. This...

Simple Task Managing System SQL注入漏洞

Simple Task Managing System is a simple task management system. A security vulnerability exists in Simple Task Managing System v1.0, which was discovered to contain an SQL injection vulnerability via the bookId parameter on board.php...

Simple Task Managing System 跨站脚本漏洞

Simple Task Managing System is a simple task management system. A security vulnerability exists in Simple Task Managing System v1.0, which is caused by a cross-site scripting vulnerability in the fullName parameter of the newProjectValidation.php component...

Simple Task Managing System 跨站脚本漏洞

Simple Task Managing System is a simple task management system. A security vulnerability exists in Simple Task Managing System v1.0, which is caused by a cross-site scripting vulnerability in the shortName parameter of the newProjectValidation.php component...

CVE-2021-46834

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225C00E220R3P4...

CVE-2021-46834

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225C00E220R3P4...

CVE-2021-46834

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225C00E220R3P4...

CVE-2021-46834

CVE-2021-46834 describes a permission-bypass vulnerability in Huawei’s cross-device task management affecting Huawei JAD-AL50 software (version 102.0.0.225). The flaw permits an attacker with local access and low privileges, with no user interaction, to access certain resources on the attacked de...

CVE-2021-46834

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225C00E220R3P4...

PT-2022-33820 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: A potential issue exists in the Linux Kernel where a task may be requeued on a CPU that is excluded from the cpus mask. The actual impact and attack plausibility of this issue have not yet...

CVE-2022-40365

Cross site scripting XSS vulnerability in ouqiang gocron through 1.5.3, allows attackers to execute arbitrary code via scope.row.hostname in web/vue/src/pages/taskLog/list.vue...

gocron 跨站脚本漏洞

gocron is a timed task management system by a Chinese qiang.ou individual developer. A security vulnerability exists in gocron versions prior to 1.5.3, which stems from a scope.row.hostname in its web/vue/src/pages/taskLog/list.vue component that allows attackers to execute arbitrary code via...

PT-2022-25364 · Gocron · Gocron

Name of the Vulnerable Software and Affected Versions: gocron versions through 1.5.3 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary code via the hostname in the scope.row object, specifically in the web/vue/src/pages/taskLog/list.vue file. Recommendations: For...

Malicious Package

Overview en-task-duedate-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain

CISA, the National Security Agency NSA, and the Office of the Director of National Intelligence ODNI, have published part one of a three-part joint publication series, Securing Software Supply Chain Series - Recommended Practices for Developers. This guidance—created by the Enduring Security...

CVE-2022-36676

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/viewcategory.php...

CVE-2022-36674

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/viewschedule.php...

CVE-2022-36675

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/manageschedule.php...

CVE-2022-36676

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/viewcategory.php...

CVE-2022-36674

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /schedules/viewschedule.php...