EUVD-2014-2094

Malware in sbrugna...

EUVD-2014-1297

Malware in sbrugna...

timelive time and expense tracking 4.1.1 - Multiple Vulnerabilities

No description provided by source. Exploit Title : TimeLive Time and Expense Tracking = Multiple Vulnerabilities Vulnerability : Directory Traversal / Remote Database Download / File Download / Source Code Disclosure Date : 28/09/2011 Author : Nathaniel Carew Impact : High Software Link :...

CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive

Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details: It was possible to access a URL that allowed...

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive

Vulnerability title: Unrestricted file upload in Livetecs Timelive CVE: CVE-2014-2042 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.5.1 Reported by: Richard Hatch Details: It was discovered that it was possible for low-level TimeLive application users to upload file...

CVE-2014-2042

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory ...

CVE-2014-1217

Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors...

Unrestricted file upload

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory ...

CVE-2014-2042

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory ...

Design/Logic Flaw

Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors...

CVE-2014-1217

Livetecs Timelive prior to version 6.2.8 has an unauthenticated access flaw in systemsetting.aspx that enables remote attackers to alter configurations and disclose the database connection string and credentials. The vulnerability affects Timelive 6.2.71 and similar build variants; fixed in 6.2.8...

CVE-2014-2042

CVE-2014-2042 affects Livetecs Timelive; unrestricted file upload in the Manage Project functionality (Uploads/) enables remote code execution. Affected: Timelive up to version 6.2.71. Root cause: lack of file-type restrictions and permissive Read/Execute on uploaded files. Impact: potential arbi...

CVE-2014-2042

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory ...

CVE-2014-1217

Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors...

Livetecs Timelive 6.2.71 Unauthenticated Access / File Upload Vulnerabilities

Exploit for php platform in category web applications Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details:...

Livetecs Timelive 6.2.71 Unauthenticated File Upload

Vulnerability title: Unrestricted file upload in Livetecs Timelive CVE: CVE-2014-2042 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.5.1 Reported by: Richard Hatch Details: It was discovered that it was possible for low-level TimeLive application users to upload file...

Livetecs Timelive 6.2.71 Unauthenticated Access

Vulnerability title: Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE: CVE-2014-1217 Vendor: Livetecs Product: Timelive Affected version: 6.2.71 Fixed version: 6.2.8 Reported by: Richard Hatch Details: It was possible to access a URL that allowed...

TimeLive Time and Expense Tracking Multiple Vulnerabilities

The host is running TimeLive Time and Expense Tracking and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodtimelivetimeandexpensetrackingmultvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ TimeLive Time and Expense Tracking Multiple Vulnerabilities Authors: Antu Sanadi...

TimeLive <= 4.2.1 Multiple Vulnerabilities - Active Check

TimeLive is prone to multiple vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

TimeLive Detection (HTTP)

HTTP based detection of TimeLive. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.902480";...