CVE-2010-0122

2010-03-15T13:28:00
ID CVE-2010-0122
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:51:00

Description

Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (b) login_action.php.