54 matches found
Code injection
The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list...
Cross site scripting
The time-sheets plugin before 1.5.2 for WordPress has multiple XSS issues...
CVE-2017-18582
The CVE-2017-18582 entry documents multiple XSS vulnerabilities in the WordPress time-sheets plugin, specifically in versions before 1.5.2. Affected component: time-sheets WordPress plugin; root cause: multiple cross-site scripting issues. Impact is described as client-side code execution capabil...
CVE-2017-18582
The time-sheets plugin before 1.5.2 for WordPress has multiple XSS issues...
CVE-2017-18581
CVE-2017-18581 affects the WordPress Time Sheets plugin. The vulnerability is a cross-site scripting (XSS) issue via the old timesheet list in versions before 1.5.0 (and related sources note continued risk for
CVE-2017-18581
The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list...
Threat Outbreak Alert RuleID30432: Email Messages Distributing Malicious Software on August 31, 2017
Medium Alert ID: 55001 First Published: 2017 August 31 19:40 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30432 may contain the following files: Name |...
Time Sheets < 1.5.2 - Multiple XSS
The Time Sheets WordPress plugin was affected by a Multiple XSS security vulnerability...
WordPress Time Sheets plugin <= 1.4.0 - Reflected Cross-Site Scripting (XSS) Vulnerability
WordPress Time Sheets plugin Reflected Cross-Site Scripting XSS Vulnerability was found in 1.4.0 version. There's a problem with sanitization with “startdate” and “enddate" GET arguments. Solution Update the plugin...
CVE-2008-1414
Cross-site scripting XSS vulnerability in Multiple Time Sheets MTS 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the tab parameter to 1 index.php, as demonstrated using mixed case and encoded whitespace characters in the tag; or 2 clientinfo.php, 3 invoices.ph...
CVE-2008-1415
Directory traversal vulnerability in index.php in Multiple Time Sheets MTS 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" modified dot dot sequences in the tab parameter...
CVE-2008-1414
CVE-2008-1414 : The vulnerability affects Multiple Time Sheets (MTS) 5.0 and earlier. A cross-site scripting (XSS) flaw exists where an attacker can inject arbitrary script or HTML via the tab parameter to index.php, or to clientinfo.php, invoices.php, smartlinks.php, and todo.php, demonstrated b...
CVE-2008-1414
Cross-site scripting XSS vulnerability in Multiple Time Sheets MTS 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the tab parameter to 1 index.php, as demonstrated using mixed case and encoded whitespace characters in the tag; or 2 clientinfo.php, 3 invoices.ph...
CVE-2008-1415
CVE-2008-1415 affects the web app component index.php in Multiple Time Sheets (MTS) 5.0 and earlier. The vulnerability is a directory traversal through the tab parameter, using modified dot-dot sequences ("../..//"), allowing remote attackers to read arbitrary files. The provided documents do not...