28 matches found
CVE-2022-26627
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...
CVE-2022-26295
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26293
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
EUVD-2021-33127
Malicious code in bioql PyPI...
EUVD-2022-30854
Malicious code in bioql PyPI...
EUVD-2022-30856
Malicious code in bioql PyPI...
CVE-2022-26627
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...
CVE-2022-26627
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...
CVE-2022-26627
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...
CVE-2022-26627
The CVE-2022-26627 entry concerns Online Project Time Management System v1.0, where an arbitrary file write vulnerability exists that enables an attacker to execute arbitrary code through a crafted HTML file. The connected Red Hat entry reiterates the same description, confirming that the flaw is...
CVE-2022-26295
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26293
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
CVE-2022-26293
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
Sql injection
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
Cross site scripting
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26295
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26293
CVE-2022-26293 affects Online Project Time Management System v1.0. The vulnerability is a SQL injection in the id parameter of the save_employee function in /ptms/classes/Users.php, allowing an attacker to manipulate SQL queries. Multiple connected sources confirm the issue and outline the vulner...
Sourcecodester Online Project Time Management System SQL注入漏洞
Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or time spent on each project resubmission. online project time management system A SQL injection vulnerabilit...
Sourcecodester Online Project Time Management System 跨站脚本漏洞
Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or the time each project is resubmitted. online project time management system A cross-site scripting...
Online Project Time Management System 1.0 SQL Injection
Exploit Title: Online Project Time Management System 1.0 - SQLi Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...