CVE-2023-32308

anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...

Sql injection

anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...

CVE-2023-32308

The CVE-2023-32308 entry concerns anuko timetracker, an open-source time-tracking system. A Boolean-based blind SQL injection existed in Time Tracker’s invoices.php for versions prior to 1.22.11.5781, caused by a coding error after validating POST parameters and lack of an error check before adju...

CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker

anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...

CVE-2021-41156

anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browsertoday hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craf...

CVE-2021-41156

anuko/timetracker is an, open source time tracking system. In affected versions Time Tracker uses browsertoday hidden control on a few pages to collect the today's date from user browsers. Because of not checking this parameter for sanity in versions prior to 1.19.30.5601, it was possible to craf...

CVE-2021-41156

The CVE-2021-41156 issue affects anuko/timetracker (Time Tracker). In versions prior to 1.19.30.5601, a browser_today hidden control exposes the user’s date and can be exploited by crafting a malicious HTML form to trigger attacker-supplied JavaScript in the user’s browser via social engineering....

Anuko TimeTracker 跨站脚本漏洞

Anuko TimeTracker is Anuko an open source application . Provides a Web-based open source time tracking application written in PHP. A cross-site scripting vulnerability exists in anuko timetracker that stems from the time tracker using the browsertoday hidden control on several pages to collect...

TimeTracker 安全特征问题漏洞

Anuko TimeTracker is Anuko an open source application . Provides a Web-based open source time tracking application written in PHP. A security vulnerability exists in TimeTracker before version 1.19.24.5415, which stems from the fact that the token used in the password reset feature is based on...

Circle with Disney libbluecoat.so SSL TLD MITM Vulnerability(CVE-2017-2913)

Summary An exploitable vulnerability exists in filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

TimeTracker - Apache license, BSD license, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application TimeTracker published at the 'play' market has multiple vulnerabilities...