Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-4693

Malware in sbrugna...

9.3CVSS6.4AI score0.01248EPSS
Exploits1References4
Openbugbounty
Openbugbounty
added 2021/09/11 12:6 p.m.33 views

biz30.timedoctor.com Cross Site Scripting vulnerability OBB-2138487

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Prion
Prion
added 2015/08/07 1:59 a.m.11 views

Code injection

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

9.3CVSS7.8AI score0.01248EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2015/08/07 1:59 a.m.17 views

CVE-2015-4674

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

9.3CVSS7.4AI score0.01248EPSS
Exploits1References3
Cvelist
Cvelist
added 2015/08/07 1:0 a.m.21 views

CVE-2015-4674

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

7.4AI score0.01248EPSS
Exploits1References3
CVE
CVE
added 2015/08/07 1:0 a.m.35 views

CVE-2015-4674

The CVE relates to TimeDoctor Pro (Windows) 1.4.72.3, where the autoupdate mechanism relies on unsigned installer files fetched without SSL, enabling potential MITM manipulation to run arbitrary code. This describes a supply-chain/update integrity flaw in the autoupdate component, with the underl...

9.3CVSS7.6AI score0.01248EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2015/07/12 12:0 a.m.2 views

TimeDoctor Secure Bypass Arbitrary Code Execution Vulnerability

TimeDoctor is a professional version of time tracking and management software. A security bypass vulnerability exists in TimeDoctor that allows remote attackers to execute arbitrary code via a man-in-the-middle attack...

9.3CVSS7.9AI score0.01248EPSS
Exploits1References1
Rows per page
Query Builder