4 matches found
CVE-2024-25218
CVE-2024-25218 is a cross-site scripting (XSS) vulnerability in Task Manager App v1.0 where an attacker can inject arbitrary scripts via the Project Name parameter in /TaskManager/Projects.php. The issue originates from unsanitized input in the API endpoint, enabling script execution in a user’s ...
CVE-2024-25219
CVE-2024-25219 affects Task Manager App v1.0. The vulnerability is a cross-site scripting (XSS) flaw in the Task Name parameter of the /TaskManager/Task.php endpoint, enabling attackers to inject and execute arbitrary web scripts/HTML. Affected component: Task Manager App, file /TaskManager/Task....
CVE-2024-25221
CVE-2024-25221 affects Task Manager App v1.0, where a reflected XSS can be triggered via the Note Section parameter in /TaskManager/Tasks.php. The CVE entry lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, low attack complexity, no privileges, user interaction required, an...
CVE-2024-11096
CVE-2024-11096 affects code-projects Task Manager 1.0. The vulnerability is an SQL injection in the /newProject.php page, triggered by manipulating the projectName parameter. Exploitation is possible remotely, and public exploit information exists. The CVSS data across sources indicates various i...