CVE-2025-10762 | kuaifan DooTask up to 1.2.49 UsersController.php keys[department] sql injection (Issue 283)

A vulnerability categorized as critical has been discovered in kuaifan DooTask up to 1.2.49. Affected by this vulnerability is an unknown functionality of the file app/Http/Controllers/Api/UsersController.php. The manipulation of the argument keys[department] results in sql injection.

This vulnerability is identified as CVE-2025-10762. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More