39 matches found
Serverless Express 安全漏洞
Serverless Express is an open-source library from Code Genie that allows for running Node.js web applications in a serverless environment. Serverless Express versions 4.17.1 and earlier contain a security vulnerability. This vulnerability stems from incorrect handling of the parameter userId in t...
[SECURITY] Fedora 43 Update: task-3.4.2-3.fc43
Taskwarrior is a command-line TODO list manager. It is flexible, fast, efficient, unobtrusive, does its job then gets out of your way. Taskwarrior scales to fit your workflow. Use it as a simple app that captures tasks, shows you the list, and removes tasks from that list. Leverage its capabiliti...
CVE-2024-2934
A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to sql injection. The attack can be launched remotely. Th...
SourceCodester Simple To-Do List System 安全漏洞
SourceCodester Simple To-Do List System is a simple to-do list system from SourceCodester open source. A security vulnerability exists in SourceCodester Simple To-Do List System version 1.0, which stems from Add Tasks text input that is not properly cleaned up or encoded for output, which could...
EUVD-2025-38293
Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting XSS in the "Task Title" and "Description Optional" fields when creating a Task, allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicki...
CVE-2025-63638
Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting XSS in the "Task Title" and "Description Optional" fields when creating a Task, allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicki...
CVE-2025-63638
Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting XSS in the "Task Title" and "Description Optional" fields when creating a Task, allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code that executes in the victim's browser upon clicki...
EUVD-2024-27877
Malicious code in bioql PyPI...
EUVD-2024-27876
Malicious code in bioql PyPI...
CVE-2025-10117
A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetchtasks.php of the component Add New Task. Executing manipulation with the input can lead to cross site scripting. The attack can be executed remotely. The exploit has be...
Malicious code in ahmed88521n786-todo-list (npm)
The package ahmed88521n786-todo-list was found to contain malicious code...
ahmedraza-atm (>=2.0.0 <=2.0.3), cli-03-todo-list (=1.0.0) +3 more potentially affected by unknown CVE via chlak (=0.0.1-security)
chlak NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on chlak and may be impacted: - ahmedraza-atm =2.0.0, =1.0.0, =1.0.0, =1.0.1 - todo-list-with-anila-waqar =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-16991...
MAL-2025-14172 Malicious code in ahmed88521n786-todo-list (npm)
The package ahmed88521n786-todo-list was found to contain malicious code...
CVE-2024-2935
A vulnerability, which was classified as problematic, has been found in SourceCodester Todo List in Kanban Board 1.0. Affected by this issue is some unknown functionality of the component Add ToDo. The manipulation of the argument Todo leads to cross site scripting. The attack may be launched...
CVE-2022-4590
A vulnerability was found in mschaef toto up to 1.4.20. It has been classified as problematic. This affects an unknown part of the component Todo List Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.21 is able to...
CVE-2025-4247
A vulnerability, which was classified as critical, was found in SourceCodester Simple To-Do List System 1.0. Affected is an unknown function of the file /deletetask.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2934
A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to sql injection. The attack can be launched remotely. Th...
CVE-2024-2935
A vulnerability, which was classified as problematic, has been found in SourceCodester Todo List in Kanban Board 1.0. Affected by this issue is some unknown functionality of the component Add ToDo. The manipulation of the argument Todo leads to cross site scripting. The attack may be launched...
CVE-2024-2934
A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to sql injection. The attack can be launched remotely. Th...
CVE-2024-2935 SourceCodester Todo List in Kanban Board Add ToDo cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester Todo List in Kanban Board 1.0. Affected by this issue is some unknown functionality of the component Add ToDo. The manipulation of the argument Todo leads to cross site scripting. The attack may be launched...