Lucene search
K

4 matches found

CNVD
CNVD
added 2020/10/21 12:0 a.m.3 views

Anuko Time Tracker Injection Vulnerability

Anuko Time Tracker is an open source time counting system for individual developers. A platform for counting the time spent by employees on various tasks. A security vulnerability exists in versions prior to Anuko Time Tracker 1.19.23.5325, which stems from a failure to properly filter user input...

8.7CVSS6.8AI score0.03462EPSS
Exploits3References1
NVD
NVD
added 2020/10/16 5:15 p.m.20 views

CVE-2020-15255

In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software for example, when a cell value starts with an equal sign. This is fixed in version 1.19.23.5325...

8.7CVSS0.03462EPSS
Exploits3References4
Prion
Prion
added 2020/10/16 5:15 p.m.17 views

Input validation

In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software for example, when a cell value starts with an equal sign. This is fixed in version 1.19.23.5325...

6CVSS6.9AI score0.03462EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2020/10/16 4:20 p.m.28 views

CVE-2020-15255 CSV injection in Anuko Time Tracker

In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software for example, when a cell value starts with an equal sign. This is fixed in version 1.19.23.5325...

8.7CVSS8.4AI score0.03462EPSS
Exploits3References4
Rows per page
Query Builder