Lucene search
K

180 matches found

Positive Technologies
Positive Technologies
added 2023/09/02 12:0 a.m.4 views

PT-2023-25495 · Gnome +1 · Gnome Time Tracker +1

Name of the Vulnerable Software and Affected Versions: GNOME time tracker version 3.0.2 Description: The issue allows local attackers to execute arbitrary code via a crafted .tsv file when creating a new record. This is a result of a CSV Injection vulnerability in the GNOME time tracker...

7.8CVSS7.9AI score0.00556EPSS
Exploits1References17
Vulnrichment
Vulnrichment
added 2023/05/15 8:47 p.m.12 views

CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker

anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...

8.2CVSS9.8AI score0.00658EPSS
Exploits0References2
OSV
OSV
added 2023/05/15 8:47 p.m.29 views

CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker

anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...

8.2CVSS9.4AI score0.00658EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.11 views

Anuko TimeTracker SQL注入漏洞

Anuko TimeTracker is an Anuko open source application . Provides a Web-based open source time tracking application written in PHP. A SQL injection vulnerability exists in versions prior to Anuko TimeTracker 1.22.11.5781, which stems from a Boolean-based SQL injection in Time Tracker invoices.php,...

9.8CVSS8.6AI score0.00658EPSS
Exploits0References3
NVD
NVD
added 2023/05/12 7:15 p.m.15 views

CVE-2023-32306

Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...

9.8CVSS9.1AI score0.00721EPSS
Exploits0References1
Prion
Prion
added 2023/05/12 7:15 p.m.14 views

Crlf injection

Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...

7.5CVSS9.3AI score0.00721EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/12 6:52 p.m.11 views

CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports

Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...

8.8CVSS7.8AI score0.00721EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/12 6:52 p.m.21 views

CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports

Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...

8.8CVSS9.6AI score0.00721EPSS
Exploits0References1
CVE
CVE
added 2023/05/12 6:52 p.m.40 views

CVE-2023-32306

Time Tracker vulnerability CVE-2023-32306 exists in the Reports feature (reports.php) of Time Tracker prior to version 1.22.13.5792. A time-based blind SQL injection arises because several POST parameters aren’t properly validated, enabling crafted requests to inject SQL into the Time Tracker dat...

9.8CVSS9.3AI score0.00721EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/12 6:52 p.m.7 views

CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports

Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...

8.8CVSS7.9AI score0.00721EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.6 views

Time Tracker SQL注入漏洞

Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A SQL injection vulnerability exists in versions prior to Time Tracker 1.22.13.5792, which stems from a blind time-based injection vulnerabili...

9.8CVSS8.6AI score0.00721EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/12 12:0 a.m.8 views

PT-2023-23715 · Unknown · Time Tracker

Name of the Vulnerable Software and Affected Versions: Time Tracker versions prior to 1.22.13.5792 Description: A time-based blind injection issue existed in Time Tracker reports due to the reports.php page not validating all parameters in POST requests. This allowed malicious SQL to be crafted f...

9.8CVSS9.5AI score0.00721EPSS
Exploits0References4
NVD
NVD
added 2023/05/09 4:15 p.m.28 views

CVE-2023-32066

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

5.4CVSS5.2AI score0.00369EPSS
Exploits0References2
Prion
Prion
added 2023/05/09 4:15 p.m.12 views

Code injection

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

4.9CVSS5.2AI score0.00369EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/05/09 3:28 p.m.24 views

CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

5.4CVSS5.2AI score0.00369EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/05/09 3:28 p.m.46 views

CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

5.4CVSS5.4AI score0.00369EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/09 3:28 p.m.12 views

CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin

Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...

5.4CVSS5.2AI score0.00369EPSS
Exploits0References2
CVE
CVE
added 2023/05/09 3:28 p.m.46 views

CVE-2023-32066

Time Tracker’s Week View plugin (versions setTitle call in week.php (line ~245) as implemented in 1.22.12.5783. Affected products include Anuko Time Tracker; no exploitation status is provided in the documents. Recommended remediation: upgrade to 1.22.12.5783 or newer to mitigate the vulnerabilit...

5.4CVSS5.2AI score0.00369EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.6 views

Anuko Time Tracker 跨站脚本漏洞

Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A cross-site scripting vulnerability exists in versions prior to Anuko Time Tracker 1.22.11.5782. An attacker can exploit this vulnerability t...

5.4CVSS5.8AI score0.00369EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.2 views

SUSE CVE-2022-32088

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...

4.4CVSS8.4AI score0.01766EPSS
Exploits1References10
Rows per page
Query Builder