13 matches found
EUVD-2006-0697
Malware in sbrugna...
EUVD-2006-0696
Malware in sbrugna...
EUVD-2006-0698
Malware in sbrugna...
CVE-2006-0689
Cross-site scripting XSS vulnerability in the Registration Form in TTS Time Tracking Software 3.0 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter...
Sql injection
Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Registration Form in TTS Time Tracking Software 3.0 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter...
Default credentials
edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account...
CVE-2006-0690
Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2006-0691
CVE-2006-0691 concerns TTS Time Tracking Software 3.0. The vulnerability lies in edituser.php, which does not verify that the provided name and password are correct, enabling remote attackers to overwrite arbitrary data belonging to any account. Affected component: edituser.php in Time Tracking S...
CVE-2006-0689
CVE-2006-0689 affects TTS Software’s Time Tracking Software (Version 3.0). The vulnerability is a Cross-site Scripting (XSS) flaw in the Registration Form: the UserName parameter is not properly sanitized, allowing remote attackers to inject arbitrary script/HTML. Public disclosures in NVD and re...
CVE-2006-0691
edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account...
CVE-2006-0689
Cross-site scripting XSS vulnerability in the Registration Form in TTS Time Tracking Software 3.0 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter...
CVE-2006-0690
CVE-2006-0690 affects TTS Time Tracking Software 3.0 with multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Public sources (NVD/eVuln) cite remote exploitation and, per eVuln, unauthorized data modification and additional...