4 matches found
CVE-2024-2934 SourceCodester Todo List in Kanban Board delete-todo.php sql injection
A vulnerability classified as critical was found in SourceCodester Todo List in Kanban Board 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-todo.php. The manipulation of the argument list leads to SQL injection. The attack can be launched remotely. Th...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit 2.35 allow remote attackers to inject arbitrary web script or HTML via the (1) ticket parameter to tickets.php, (2) title parameter to notes.php, or (3) task parameter to todo.php. NOTE: some of these details are obtained from third par...
Cross-site Scripting (XSS) Vulnerabilities in CruxPA
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxPA which could be exploited to perform cross-site scripting and script insertion attacks. 1. Cross-site scripting (XSS) vulnerability in CruxPA: CVE-2010-2718 The vulnerability exists due to input sanitation err...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the tab parameter to (1) index.php, as demonstrated using mixed case and encoded whitespace characters in the tag; or (2) clientinfo.php, (3) invoices.ph...