Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
timeclock-software employee timeclock software 0.99 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-0122
Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (b) login_action.php.
Timeclock-software Employee Timeclock Software 0.99
1 EDB exploit
5
CVSSv2
CVE-2010-0123
The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for a "semi-predictable file name."
Timeclock-software Employee Timeclock Software 0.99
6.8
CVSSv2
CVE-2010-0707
Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote malicious users to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from thir...
Timeclock-software Employee Timeclock Software 0.99
1 EDB exploit
2.1
CVSSv2
CVE-2010-0124
Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
Timeclock-software Employee Timeclock Software 0.99
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started