Mayurik Php Task Management System vulnerabilities

11 known vulnerabilities affecting mayurik/php_task_management_system.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH6MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-28613CRITICALCVSS 9.8v1.02024-04-24
CVE-2024-28613 [CRITICAL] CWE-89 CVE-2024-28613: SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the task_id parameter of the task-details.php, and edit-task.php component.
nvd
CVE-2024-28557CRITICALCVSS 9.8v1.02024-04-15
CVE-2024-28557 [CRITICAL] CWE-89 CVE-2024-28557: SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attacke SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
nvd
CVE-2024-28556CRITICALCVSS 9.8v1.02024-04-15
CVE-2024-28556 [CRITICAL] CWE-89 CVE-2024-28556: SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attacke SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.
nvd
CVE-2024-3221HIGHCVSS 8.8v1.02024-04-03
CVE-2024-3221 [MEDIUM] CWE-89 CVE-2024-3221: A vulnerability classified as critical was found in SourceCodester PHP Task Management System 1.0. T A vulnerability classified as critical was found in SourceCodester PHP Task Management System 1.0. This vulnerability affects unknown code of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-259066 is the
nvd
CVE-2024-3222HIGHCVSS 8.8v1.02024-04-03
CVE-2024-3222 [MEDIUM] CWE-89 CVE-2024-3222: A vulnerability, which was classified as critical, has been found in SourceCodester PHP Task Managem A vulnerability, which was classified as critical, has been found in SourceCodester PHP Task Management System 1.0. This issue affects some unknown processing of the file admin-password-change.php. The manipulation of the argument admin_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may
nvd
CVE-2024-3223HIGHCVSS 8.8v1.02024-04-03
CVE-2024-3223 [MEDIUM] CWE-89 CVE-2024-3223: A vulnerability, which was classified as critical, was found in SourceCodester PHP Task Management S A vulnerability, which was classified as critical, was found in SourceCodester PHP Task Management System 1.0. Affected is an unknown function of the file admin-manage-user.php. The manipulation of the argument admin_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Th
nvd
CVE-2024-3224HIGHCVSS 8.8v1.02024-04-03
CVE-2024-3224 [MEDIUM] CWE-89 CVE-2024-3224: A vulnerability has been found in SourceCodester PHP Task Management System 1.0 and classified as cr A vulnerability has been found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file task-details.php. The manipulation of the argument task_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be
nvd
CVE-2024-3225MEDIUMCVSS 6.5v1.02024-04-03
CVE-2024-3225 [MEDIUM] CWE-89 CVE-2024-3225: A vulnerability was found in SourceCodester PHP Task Management System 1.0 and classified as critica A vulnerability was found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file edit-task.php. The manipulation of the argument task_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259
nvd
CVE-2024-29303CRITICALCVSS 9.8v1.02024-03-26
CVE-2024-29303 [CRITICAL] CWE-89 CVE-2024-29303: The delete admin users function of SourceCodester PHP Task Management System 1.0 is vulnerable to SQ The delete admin users function of SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection
nvd
CVE-2024-29302HIGHCVSS 7.5v1.02024-03-26
CVE-2024-29302 [HIGH] CWE-89 CVE-2024-29302: SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-employee.php.
nvd
CVE-2024-29301HIGHCVSS 7.5v1.02024-03-26
CVE-2024-29301 [HIGH] CWE-89 CVE-2024-29301: SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?ad SourceCodester PHP Task Management System 1.0 is vulnerable to SQL Injection via update-admin.php?admin_id=
nvd