17 matches found
VulnCheck KEV: CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
EUVD-2025-200092
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
mJobtime 安全漏洞
mJobtime is a time tracking and job management software from the US-based mJobtime, Inc. A security vulnerability exists in mJobtime version 15.7.2 that stems from improper handling of client-side authorization and could allow an attacker to modify client-side code and gain access to administrato...
CVE-2025-51683
CVE-2025-51683: mJobtime v15.7.2 contains a blind SQL injection in the /Default.aspx/update_profile_Server endpoint. Exploitation is unauthenticated and can lead to arbitrary SQL execution, with high impact on confidentiality, integrity, and availability. The description and sources confirm the v...
CVE-2025-51683
A blind SQL Injection SQLi vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/updateprofileServer endpoint...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
CVE-2025-51682
mJobtime v15.7.2 is affected by two issues. CVE-2025-51682 describes client‑side authorization handling that can be bypassed to gain access to administrative features by modifying client code and crafting requests that call admin functions. CVE-2025-51683 describes a blind SQL injection via a cra...
mJobtime 安全漏洞
mJobtime is a time tracking and job management software from the US company mJobtime. A security vulnerability exists in mJobtime version v15.7.2 that originates from an unauthenticated attacker being able to execute arbitrary SQL statements via a specially crafted POST request, potentially...
CVE-2025-51682
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly...
PT-2025-48032
Name of the Vulnerable Software and Affected Versions mJobtime version 15.7.2 Description A blind SQL Injection SQLi issue exists in mJobtime version 15.7.2. An unauthenticated attacker can execute arbitrary SQL statements by sending a specially crafted POST request to the /Default.aspx/update...
PT-2025-48031
Name of the Vulnerable Software and Affected Versions mJobtime version 15.7.2 Description The software handles authorization on the client side, allowing an attacker to modify the client-side code and gain access to administrative features. Attackers can craft requests based on the modified...