10 matches found
CVE-2022-30927
CVE-2022-30927 describes a SQL injection vulnerability in the software named “Simple Task Scheduling System 1.0” when using MySQL as the application database. The vulnerability allows an attacker to issue SQL commands through the vulnerable id parameter. The connected documents confirm the affect...
CVE-2022-36679
CVE-2022-36679 affects Simple Task Scheduling System v1.0 . The vulnerability is a SQL injection that can be triggered via the id parameter in the URL /admin/?page=user/manage_user. The available data identify the root cause as unsafely constructed SQL queries exposing both confidentiality and in...
CVE-2022-36676
CVE-2022-36676 affects Simple Task Scheduling System v1.0. The vulnerability is a SQL injection in the id parameter of the /categories/view_category.php endpoint. The issue is documented across multiple sources (NVD, Red Hat, PRION/PT-Security, CNNVD, CVE list) with no explicit exploit details pr...
CVE-2022-36675
CVE-2022-36675 applies to the open-source/legacy software “Simple Task Scheduling System v1.0.” The vulnerability is a SQL injection in the id parameter of the endpoint /schedules/manage_schedule.php. The available sources consistently state a SQLi flaw but do not provide concrete exploit details...
CVE-2022-36681
Summary: CVE-2022-36681 affects Simple Task Scheduling System v1.0, with a SQL injection vulnerability in the id parameter of the endpoint /classes/Master.php?f=delete_account. The root cause is an unsafely handled id value leading to SQL injection. The vulnerability is considered high severity (...
CVE-2022-36678
CVE-2022-36678 affects Simple Task Scheduling System v1.0. A SQL injection vulnerability exists in the id parameter to /classes/Master.php?f=delete_category, allowing potentially arbitrary SQL execution. The NVD entry rates it as CRITICAL (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected...
CVE-2022-36682
CVE-2022-36682 affects Simple Task Scheduling System v1.0. The vulnerability is a SQL injection exploitable via the id parameter in /classes/Master.php?f=delete_student. According to the NVD entry, this has a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, no user interaction r...
CVE-2022-36674
The CVE-2022-36674 entry describes a SQL injection in Simple Task Scheduling System v1.0, exploitable via the id parameter at /schedules/view_schedule.php. Affected component is the web-facing PHP endpoint; root cause is unsafely interpolating user-supplied id into a SQL query (SQLi). NVD shows a...
CVE-2022-36680
CVE-2022-36680 affects Simple Task Scheduling System v1.0. The vulnerability is a SQL injection in the id parameter of the endpoint /classes/Master.php?f=delete_schedule, enabling potentially unauthorized data access or manipulation. The CVSS v3.1 score is 9.8 (CRITICAL) with network attack vecto...
CVE-2022-36683
CVE-2022-36683 affects Simple Task Scheduling System v1.0 . It describes a SQL injection vulnerability in the parameter id of /classes/Master.php?f=delete_payment. Root cause: unsanitized input fed into SQL, enabling arbitrary queries. Impact is described as C on confidentiality, integrity, and a...