Simple Task Managing System Security Vulnerabilities and Issues — Simple Task Managing System CVE List

Simple Task Managing System ProjectSimple Task Managing System

8 matches found

CVE•added 2023/02/17 12:0 a.m.•124 views

CVE-2022-40032

The CVE-2022-40032 entry pertains to Simple Task Managing System v1.0, with a SQL Injection in login.php via the username/login and password fields. The connected documents confirm unauthenticated injection that can lead to arbitrary database queries and sensitive data exposure, including user cr...

9.8CVSS10AI score0.20693EPSS

Web

CVE•added 2022/08/27 9:5 a.m.•63 views

CVE-2022-3014

The CVE-2022-3014 entry concerns a cross-site scripting flaw in SourceCodester Simple Task Managing System caused by manipulating the student_add parameter. Multiple connected sources confirm this vulnerability stems from unknown code paths and can be exploited remotely, impacting the affected sy...

6.1CVSS4.8AI score0.0049EPSS

CVE•added 2022/08/27 9:5 a.m.•62 views

CVE-2022-3013

CVE-2022-3013 affects SourceCodester Simple Task Managing System. Affected component: unknown area of /loginVaLidation.php. Root cause: manipulation of the parameter login leads to SQL injection , with remote exploitable access. Multiple connected reports confirm the issue and describe exploitati...

9.8CVSS8.3AI score0.00466EPSS

CVE•added 2022/09/21 5:11 p.m.•53 views

CVE-2022-40026

CVE-2022-40026 affects SourceCodester Simple Task Managing System v1.0. A SQL injection vulnerability is exploitable via the bookId parameter in board.php, with a NVD/CVSSv3.1 base score of 7.2 (HIGH) and impacts to confidentiality, integrity, and availability. Root cause is improper input handli...

7.2CVSS7.2AI score0.00726EPSS

CVE•added 2022/09/21 5:11 p.m.•52 views

CVE-2022-40028

CVE-2022-40028 affects SourceCodester Simple Task Managing System v1.0. The issue is a cross-site scripting (XSS) vulnerability in the newProjectValidation.php component, exploitable via a crafted payload in the fullName parameter, enabling arbitrary web scripts/HTML execution. Root cause is insu...

4.8CVSS5AI score0.00573EPSS

CVE•added 2022/09/21 5:11 p.m.•49 views

CVE-2022-40030

CVE-2022-40030 affects SourceCodester Simple Task Managing System v1.0. The vulnerability is a SQL injection in the bookId parameter of changeStatus.php. This affects the authentication/authorization boundary and can lead to data disclosure/modification per the CVSS 3.1 metrics (CRITICAL, 9.8) wi...

9.8CVSS9.7AI score0.01172EPSS

CVE•added 2022/09/21 5:11 p.m.•45 views

CVE-2022-40029

CVE-2022-40029 affects SourceCodester Simple Task Managing System v1.0. A cross-site scripting (XSS) vulnerability exists in the newProjectValidation.php component, exploitable via the shortName parameter to inject arbitrary web scripts/HTML. The linked sources consistently describe the vulnerabi...

4.8CVSS5AI score0.00573EPSS

CVE•added 2022/09/21 5:11 p.m.•44 views

CVE-2022-40027

CVE-2022-40027 affects SourceCodester Simple Task Managing System v1.0. The vulnerability is a cross-site scripting (XSS) in the newTask.php component, exploitable via the shortName parameter to cause arbitrary web scripts/HTML execution. Reported impact per sources is low on confidentiality/inte...

6.1CVSS5.9AI score0.00666EPSS