Webtareas Project

Webtareas

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-53972

Exploit
  • EPSS 0.08%
  • Veröffentlicht 22.12.2025 21:35:32
  • Zuletzt bearbeitet 27.12.2025 17:15:45

WebTareas 2.4 contains a SQL injection vulnerability in the webTareasSID cookie parameter that allows unauthenticated attackers to manipulate database queries. Attackers can exploit error-based and time-based blind SQL injection techniques to extract...

8.8

CVE-2023-53971

Exploit
  • EPSS 0.06%
  • Veröffentlicht 22.12.2025 21:35:32
  • Zuletzt bearbeitet 26.12.2025 17:24:05

WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and ex...

5.4

CVE-2022-44962

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:15
  • Zuletzt bearbeitet 24.04.2025 20:15:29

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Sub...

5.4

CVE-2022-44961

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:15
  • Zuletzt bearbeitet 24.04.2025 20:15:29

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name fie...

5.4

CVE-2022-44960

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:15
  • Zuletzt bearbeitet 24.04.2025 20:15:29

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected i...

5.4

CVE-2022-44959

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 21:15:21

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Nam...

5.4

CVE-2022-44957

Exploit
  • EPSS 1.84%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 21:15:21

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name ...

5.4

CVE-2022-44956

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 21:15:20

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Nam...

5.4

CVE-2022-44955

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 20:15:28

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.

5.4

CVE-2022-44954

Exploit
  • EPSS 0.2%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 20:15:28

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Las...