Vulnerabilities (CVE)

Filtered by vendor Burden Project Subscribe
Filtered by product Burden
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-24589 1 Burden Project 1 Burden 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter.
CVE-2013-7137 1 Burden Project 1 Burden 2024-11-21 7.5 HIGH 9.8 CRITICAL
The "remember me" functionality in login.php in Burden before 1.8.1 allows remote attackers to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1.