Lucene search
K

4 matches found

Nuclei
Nuclei
added yesterday41 views

Timesheet Next Gen <=1.5.3 - Cross-Site Scripting

Timesheet Next Gen 1.5.3 and earlier is vulnerable to cross-site scripting that allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the...

6.1CVSS6.6AI score0.043EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 a.m.12 views

CVE-2019-1010287

Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting XSS. The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may...

6.1CVSS6.9AI score0.043EPSS
Exploits1References1
CVE
CVE
added 2019/07/17 8:2 p.m.71 views

CVE-2019-1010287

Timesheet Next Gen vulnerable to reflected XSS (CVE-2019-1010287) in login.php (lines 40 and 54) via a redirect parameter. Affected: Timesheet Next Gen versions 1.5.3 and earlier. Impact: attacker can cause arbitrary HTML/JavaScript execution when a user clicks a malicious URL. Affected vector: r...

6.1CVSS6.3AI score0.043EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/07/17 8:2 p.m.20 views

CVE-2019-1010287

Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting XSS. The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may...

6.3AI score0.043EPSS
Exploits1References2
Rows per page
Query Builder