Filtered by vendor Dootask
Subscriptions
Filtered by product Dootask
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10762 | 1 Dootask | 1 Dootask | 2025-09-22 | 6.3 Medium |
| A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keys[department] results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-55454 | 1 Dootask | 1 Dootask | 2025-09-12 | 8.8 High |
| An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrary code via uploading a crafted file. | ||||
| CVE-2025-55455 | 1 Dootask | 1 Dootask | 2025-09-12 | 3.5 Low |
| DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via the component /msg/sendtext. | ||||
| CVE-2024-34906 | 1 Dootask | 1 Dootask | 2025-02-13 | 6.3 Medium |
| An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary code via uploading a crafted PDF file. | ||||
Page 1 of 1.