Taskfreak!@0.5.5 Security Vulnerabilities and Issues — Taskfreak!@0.5.5 CVE List

Lucene search

TaskfreakTaskfreak!0.5.5

3 matches found

CVE•added 2010/06/30 6:30 p.m.•54 views

CVE-2010-1521

SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to login.php.

7.5CVSS8.7AI score0.00706EPSS

CVE•added 2010/06/30 6:30 p.m.•48 views

CVE-2010-1520

Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to inject arbitrary web script or HTML via the tznMessage parameter.

4.3CVSS5.7AI score0.00499EPSS

CVE•added 2010/05/06 12:47 p.m.•41 views

CVE-2010-1583

SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.

7.5CVSS8.3AI score0.00734EPSS