Vulnerabilities > Webtareas Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-18 | CVE-2020-25735 | Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.0/2.1 webTareas through 2.1 allows XSS in clients/editclient.php, extensions/addextension.php, administration/add_announcement.php, administration/departments.php, administration/locations.php, expenses/claim_type.php, projects/editproject.php, and general/newnotifications.php. | 6.1 |
2020-09-18 | CVE-2020-25734 | Path Traversal vulnerability in Webtareas Project Webtareas 2.0/2.1 webTareas through 2.1 allows files/Default/ Directory Listing. | 5.3 |
2020-09-18 | CVE-2020-25733 | Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas 2.0/2.1 webTareas through 2.1 allows upload of the dangerous .exe and .shtml file types. | 7.5 |
2020-08-26 | CVE-2020-23660 | Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.1 webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Search." | 5.4 |
2020-06-22 | CVE-2020-14973 | Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.0 The loginForm within the general/login.php webpage in webTareas 2.0p8 suffers from a Reflected Cross Site Scripting (XSS) vulnerability via the query string. | 6.1 |