Lucene search
K

5 matches found

OSV
OSV
added 2026/02/19 11:15 a.m.7 views

CVE-2025-15560

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

8.8CVSS6AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 11:15 a.m.8 views

CVE-2025-15560

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

8.8CVSS0.00251EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 10:48 a.m.6 views

CVE-2025-15560

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

6.2AI score0.00251EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/19 10:48 a.m.20 views

CVE-2025-15560

CVE-2025-15560 : An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server “widget” API endpoint to inject SQL queries. If the backend uses Firebird , the attacker can retrieve all data from the database. If the backend uses MSSQL , the attacker can exe...

8.8CVSS6.2AI score0.00251EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/19 10:48 a.m.29 views

CVE-2025-15560 SQL Injection in NesterSoft WorkTime

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

0.00251EPSS
Exploits0References1
Rows per page
Query Builder