17 matches found
CVE-2022-26627
Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file...
CVE-2022-26295
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26293
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
EUVD-2022-30856
Malicious code in bioql PyPI...
CVE-2022-26627
The CVE-2022-26627 entry concerns Online Project Time Management System v1.0, where an arbitrary file write vulnerability exists that enables an attacker to execute arbitrary code through a crafted HTML file. The connected Red Hat entry reiterates the same description, confirming that the flaw is...
Online Project Time Management System Cross-Site Scripting Vulnerability
Online Project Time Management System is a web-based online project time management system that provides an online platform for a company's employees to report/record their assigned time or the time each project is resubmitted. online project time management system A cross-site scripting...
CVE-2022-26293
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
Sql injection
Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function saveemployee at /ptms/classes/Users.php...
Cross site scripting
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26295
A stored cross-site scripting XSS vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field...
CVE-2022-26293
CVE-2022-26293 affects Online Project Time Management System v1.0. The vulnerability is a SQL injection in the id parameter of the save_employee function in /ptms/classes/Users.php, allowing an attacker to manipulate SQL queries. Multiple connected sources confirm the issue and outline the vulner...
Online Project Time Management System 1.0 Cross Site Scripting
Exploit Title: Online Project Time Management System 1.0 - Multiple Stored XSS Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Online Project Time Management System 1.0 - SQLi (Authenticated)
Exploit Title: Online Project Time Management System 1.0 - SQLi Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Online Project Time Management System 1.0 - Multiple Stored Cross Site Scripting (XSS) (Authenticated)
Exploit Title: Online Project Time Management System 1.0 - Multiple Stored XSS Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Online Project Time Management System 1.0 - Multiple Stored Cross Site Scripting Vulnerabilities
Exploit Title: Online Project Time Management System 1.0 - Multiple Stored XSS Authenticated Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
CVE-2021-46451
An SQL Injection vulnerabilty exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the loadfile function...
Sql injection
An SQL Injection vulnerabilty exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the loadfile function...