4 matches found
Information disclosure
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. ttUser.class.php in Time Tracker versions prior to 1.20.0.5646 was not escaping primary group name for display. Because of that, it was possible for a logged in user to modify primary group name with element...
Anuko Time Tracker SQL注入漏洞
Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. An SQL injection vulnerability exists in versions prior to Anuko Time Tracker 1.20.0.5646.The vulnerability stems from the fact that the Punch...
Anuko Time Tracker 跨站脚本漏洞
Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A cross-site scripting vulnerability exists in versions prior to Anuko Time Tracker 1.20.0.5646, which stems from the fact that ttUser.class.p...
CVE-2022-24708 Stored XSS vulnerability in anuko/timetracker
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. ttUser.class.php in Time Tracker versions prior to 1.20.0.5646 was not escaping primary group name for display. Because of that, it was possible for a logged in user to modify primary group name with element...