3 matches found
CVE-2024-8140
CVE-2024-8140 affects SourceCodester Task Progress Tracker 1.0. The vulnerability is in the file update-task.php where manipulation of the parameter task_name enables Cross-Site Scripting (XSS) . Exploitation can be remote and the exploit has been disclosed publicly. Public sources consistently i...
CVE-2024-7793
CVE-2024-7793 affects SourceCodester Task Progress Tracker 1.0. A vulnerability in the file /endpoint/add-task.php arises from unsafely handling the task_name parameter, enabling cross-site scripting. The issue is exploitable remotely and has been publicly disclosed. Multiple sources corroborate ...
CVE-2024-7792
The CVE-2024-7792 entry relates to SourceCodester Task Progress Tracker 1.0. Affected component: the function handling the task parameter in /endpoint/delete-task.php. Root cause: input manipulation leading to SQL injection. Impact: remote exploitation with potential impact to confidentiality, in...