Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote malicious users to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
timeclock-software employee timeclock software 0.99 |