Lucene search
Webtareas ProjectWebtareas
2 matches found
CVE-2021-41920
webTareas version 2.4 and earlier allows an unauthenticated user to perform Time and Boolean-based blind SQL Injection on the endpoint /includes/library.php, via the sor_cible, sor_champs, and sor_ordre HTTP POST parameters. This allows an attacker to access all the data in the database and obtain ...
7.5CVSS7.9AI score0.02592EPSS
Web
CVE-2020-25733
webTareas through 2.1 allows upload of the dangerous .exe and .shtml file types.
7.5CVSS7.6AI score0.00491EPSS