{“lastseen”:””,”description”:”A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app\/Http\/Controllers\/Api\/UsersController.php. The manipulation of the argument keys[department] results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.”,”published”:”2025-09-21T04:32:06.811Z”,”modified”:”2025-09-21T04:32:06.811Z”,”type”:”cve”,”title”:”kuaifan DooTask UsersController.php sql injection”,”source”:”VulDB”,”references”:”https:\/\/vuldb.com\/?id.325117\\nhttps:\/\/vuldb.com\/?ctiid.325117\\nhttps:\/\/vuldb.com\/?submit.646886\\nhttps:\/\/github.com\/kuaifan\/dootask\/issues\/283\\nhttps:\/\/github.com\/kuaifan\/dootask\/issues\/283#issue-3379188930″,”id”:”CVE-2025-10762″,”bulletinFamily”:””,”cwe”:[“CWE-89″,”CWE-74″],”cvelist”:null,”sourceData”:”kuaifan DooTask 1.2.0\\nkuaifan DooTask 1.2.1\\nkuaifan DooTask 1.2.2\\nkuaifan DooTask 1.2.3\\nkuaifan DooTask 1.2.4\\nkuaifan DooTask 1.2.5\\nkuaifan DooTask 1.2.6\\nkuaifan DooTask 1.2.7\\nkuaifan DooTask 1.2.8\\nkuaifan DooTask 1.2.9\\nkuaifan DooTask 1.2.10\\nkuaifan DooTask 1.2.11\\nkuaifan DooTask 1.2.12\\nkuaifan DooTask 1.2.13\\nkuaifan DooTask 1.2.14\\nkuaifan DooTask 1.2.15\\nkuaifan DooTask 1.2.16\\nkuaifan DooTask 1.2.17\\nkuaifan DooTask 1.2.18\\nkuaifan DooTask 1.2.19\\nkuaifan DooTask 1.2.20\\nkuaifan DooTask 1.2.21\\nkuaifan DooTask 1.2.22\\nkuaifan DooTask 1.2.23\\nkuaifan DooTask 1.2.24\\nkuaifan DooTask 1.2.25\\nkuaifan DooTask 1.2.26\\nkuaifan DooTask 1.2.27\\nkuaifan DooTask 1.2.28\\nkuaifan DooTask 1.2.29\\nkuaifan DooTask 1.2.30\\nkuaifan DooTask 1.2.31\\nkuaifan DooTask 1.2.32\\nkuaifan DooTask 1.2.33\\nkuaifan DooTask 1.2.34\\nkuaifan DooTask 1.2.35\\nkuaifan DooTask 1.2.36\\nkuaifan DooTask 1.2.37\\nkuaifan DooTask 1.2.38\\nkuaifan DooTask 1.2.39\\nkuaifan DooTask 1.2.40\\nkuaifan DooTask 1.2.41\\nkuaifan DooTask 1.2.42\\nkuaifan DooTask 1.2.43\\nkuaifan DooTask 1.2.44\\nkuaifan DooTask 1.2.45\\nkuaifan DooTask 1.2.46\\nkuaifan DooTask 1.2.47\\nkuaifan DooTask 1.2.48\\nkuaifan DooTask 1.2.49″,”sourceHref”:””,”cvss”:{“score”:5.3,”severity”:”MEDIUM”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”DooTask”,”version”:”1.2.0″,”vendor”:”kuaifan”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A vulnerability was found in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app\/Http\/Controllers\/Api\/UsersController.php. The manipulation of…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,22,12,21,13,7,11,5],"class_list":["post-18206","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n