180 matches found
PT-2023-25495 · Gnome +1 · Gnome Time Tracker +1
Name of the Vulnerable Software and Affected Versions: GNOME time tracker version 3.0.2 Description: The issue allows local attackers to execute arbitrary code via a crafted .tsv file when creating a new record. This is a result of a CSV Injection vulnerability in the GNOME time tracker...
CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker
anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...
CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker
anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...
Anuko TimeTracker SQL注入漏洞
Anuko TimeTracker is an Anuko open source application . Provides a Web-based open source time tracking application written in PHP. A SQL injection vulnerability exists in versions prior to Anuko TimeTracker 1.22.11.5781, which stems from a Boolean-based SQL injection in Time Tracker invoices.php,...
CVE-2023-32306
Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...
Crlf injection
Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...
CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports
Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...
CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports
Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...
CVE-2023-32306
Time Tracker vulnerability CVE-2023-32306 exists in the Reports feature (reports.php) of Time Tracker prior to version 1.22.13.5792. A time-based blind SQL injection arises because several POST parameters aren’t properly validated, enabling crafted requests to inject SQL into the Time Tracker dat...
CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports
Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions prior to 1.22.13.5792. This was happening because the reports.php page was not validating all parameters in POST requests. Because some parameters were not...
Time Tracker SQL注入漏洞
Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A SQL injection vulnerability exists in versions prior to Time Tracker 1.22.13.5792, which stems from a blind time-based injection vulnerabili...
PT-2023-23715 · Unknown · Time Tracker
Name of the Vulnerable Software and Affected Versions: Time Tracker versions prior to 1.22.13.5792 Description: A time-based blind injection issue existed in Time Tracker reports due to the reports.php page not validating all parameters in POST requests. This allowed malicious SQL to be crafted f...
CVE-2023-32066
Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...
Code injection
Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...
CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin
Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...
CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin
Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...
CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin
Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then ...
CVE-2023-32066
Time Tracker’s Week View plugin (versions setTitle call in week.php (line ~245) as implemented in 1.22.12.5783. Affected products include Anuko Time Tracker; no exploitation status is provided in the documents. Recommended remediation: upgrade to 1.22.12.5783 or newer to mitigate the vulnerabilit...
Anuko Time Tracker 跨站脚本漏洞
Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A cross-site scripting vulnerability exists in versions prior to Anuko Time Tracker 1.22.11.5782. An attacker can exploit this vulnerability t...
SUSE CVE-2022-32088
MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exectimetracker::getloops/Filesorttracker::reportuse/filesort...