Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/02/03 10:1 p.m.24 views

CVE-2020-37080 webTareas 2.0.p8 - Arbitrary File Deletion

webTareas 2.0.p8 contains a file deletion vulnerability in the printlayout.php administration component that allows authenticated attackers to delete arbitrary files. Attackers can exploit the vulnerability by manipulating the 'atttmp1' parameter to specify and delete files on the server through ...

9.8CVSS0.00326EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:12 a.m.9 views

CVE-2022-44291

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php...

9.8CVSS8.2AI score0.03699EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.9 views

CVE-2020-25734

webTareas through 2.1 allows files/Default/ Directory Listing...

5.3CVSS7AI score0.02149EPSS
Exploits0
OSV
OSV
added 2022/12/02 8:15 p.m.4 views

CVE-2022-44955

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

5.4CVSS5.9AI score0.00405EPSS
Exploits1References2
OSV
OSV
added 2021/10/08 4:15 p.m.3 views

CVE-2021-41918

webTareas version 2.4 and earlier allows an authenticated user to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against the platform users and administrators. The issue affects every endpoint on the...

5.4CVSS6.2AI score0.00547EPSS
Exploits1References1
Rows per page
Query Builder