CVE-2024-25222

CVE-2024-25222 affects Task Manager App v1.0, with a SQL injection vulnerability in the /TaskManager/EditProject.php endpoint, exploitable via the projectID parameter. The CVSSv3.1 vector/metrics indicate a CRITICAL impact (CVSS 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected sources confirm...

CVE-2024-25220

CVE-2024-25220 : Task Manager App v1.0 is affected by a SQL injection vulnerability exploitable via the taskID parameter on /TaskManager/EditTask.php. The CVSS v3.1 metrics in the public entry show a_CRITICAL_ base score of 9.8 with NETWORK attack vector, LOW attack complexity, and NONE privilege...

CVE-2024-25218

CVE-2024-25218 is a cross-site scripting (XSS) vulnerability in Task Manager App v1.0 where an attacker can inject arbitrary scripts via the Project Name parameter in /TaskManager/Projects.php. The issue originates from unsanitized input in the API endpoint, enabling script execution in a user’s ...

CVE-2024-25219

CVE-2024-25219 affects Task Manager App v1.0. The vulnerability is a cross-site scripting (XSS) flaw in the Task Name parameter of the /TaskManager/Task.php endpoint, enabling attackers to inject and execute arbitrary web scripts/HTML. Affected component: Task Manager App, file /TaskManager/Task....

CVE-2024-25221

CVE-2024-25221 affects Task Manager App v1.0, where a reflected XSS can be triggered via the Note Section parameter in /TaskManager/Tasks.php. The CVE entry lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, low attack complexity, no privileges, user interaction required, an...

CVE-2024-11096

CVE-2024-11096 affects code-projects Task Manager 1.0. The vulnerability is an SQL injection in the /newProject.php page, triggered by manipulating the projectName parameter. Exploitation is possible remotely, and public exploit information exists. The CVSS data across sources indicates various i...