17 matches found
VulnCheck KEV: CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
EUVD-2025-200092
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51683
CVE-2025-51683: mJobtime v15.7.2 contains a blind SQL injection in the /Default.aspx/update_profile_Server endpoint. Exploitation is unauthenticated and can lead to arbitrary SQL execution, with high impact on confidentiality, integrity, and availability. The description and sources confirm the v...
mJobtime 安全漏洞
mJobtime is a time tracking and job management software from the US company mJobtime. A security vulnerability exists in mJobtime version v15.7.2 that originates from an unauthenticated attacker being able to execute arbitrary SQL statements via a specially crafted POST request, potentially...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
mJobtime 安全漏洞
mJobtime is a time tracking and job management software from the US-based mJobtime, Inc. A security vulnerability exists in mJobtime version 15.7.2 that stems from improper handling of client-side authorization and could allow an attacker to modify client-side code and gain access to administrato...
CVE-2025-51682
mJobtime v15.7.2 is affected by two issues. CVE-2025-51682 describes client‑side authorization handling that can be bypassed to gain access to administrative features by modifying client code and crafting requests that call admin functions. CVE-2025-51683 describes a blind SQL injection via a cra...
PT-2025-48032
Name of the Vulnerable Software and Affected Versions mJobtime version 15.7.2 Description A blind SQL Injection SQLi issue exists in mJobtime version 15.7.2. An unauthenticated attacker can execute arbitrary SQL statements by sending a specially crafted POST request to the /Default.aspx/update...
PT-2025-48031
Name of the Vulnerable Software and Affected Versions mJobtime version 15.7.2 Description The software handles authorization on the client side, allowing an attacker to modify the client-side code and gain access to administrative features. Attackers can craft requests based on the modified...