CVE-2026-4004

CVE-2026-4004 affects the WordPress Task Manager plugin up to version 3.0.2. The vulnerability stems from missing capability checks in the callback_search() function and insufficient input validation that lets shortcode syntax (square brackets) pass through sanitize_text_field() and be concatenat...

CVE-2024-28613

SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the taskid parameter of the task-details.php, and edit-task.php component...

CVE-2024-3224

A vulnerability has been found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file task-details.php. The manipulation of the argument taskid leads to sql injection. The attack can be launched remotely...

CVE-2024-2575

A vulnerability, which was classified as critical, has been found in SourceCodester Employee Task Management System 1.0. Affected by this issue is some unknown functionality of the file /task-details.php. The manipulation of the argument taskid leads to authorization bypass. The attack may be...

Employee Task Management System 1.0 SQL Injection Vulnerability

Employee Task Management System - SQL Injection on task-details.php?taskid=? with low privilege authentication CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version: ...

kppw select.php 参数task_id SQL注入漏洞

No description provided by source...

AckerTodo 4.0 - index.php Cross-Site Scripting

AckerTodo 4.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19894/info AckerTodo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal cookie-based...