EUVD-2025-208873

BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to...

CVE-2024-39250

EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface...

CVE-2024-39250

EfroTech Timetrax v8.3 is affected by an unauthenticated SQL injection via the q parameter in the search web interface. The issue, detailed in the CVE-2024-39250/Nuclei template, allows unauthenticated attackers to perform SQL injection against the Timetrax database. The vulnerability is associat...

CVE-2024-39250

EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface...

PT-2024-28411 · Efrotech · Efrotech Timetrax

Name of the Vulnerable Software and Affected Versions: EfroTech Timetrax version 8.3 Description: The issue is related to an unauthenticated SQL injection vulnerability. This vulnerability can be exploited via the q parameter in the search web interface. Recommendations: For EfroTech Timetrax...

Description of the security update for SharePoint Enterprise Server 2013: October 8, 2019

Description of the security update for SharePoint Enterprise Server 2013: October 8, 2019 Summary This security update resolves an elevation of privilege vulnerability that exists in Microsoft SharePoint. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...