Lucene search
K

45 matches found

Cvelist
Cvelist
added 2026/02/19 10:53 a.m.28 views

CVE-2025-15561 Local Privilege Escalation in NesterSoft WorkTime

An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The...

0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 10:53 a.m.17 views

CVE-2025-15561

CVE-2025-15561 concerns the WorkTime monitoring daemon. An attacker can escalate local privileges to NT AUTHORITY\SYSTEM by placing a malicious WTWatch.exe into C:\ProgramData\wta\ClientExe (writable by Everyone); the daemon then executes it with SYSTEM privileges due to its update behavior. Affe...

7.8CVSS5.6AI score0.00104EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 10:53 a.m.9 views

CVE-2025-15561 Local Privilege Escalation in NesterSoft WorkTime

An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The...

5.4AI score0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 10:48 a.m.4 views

CVE-2025-15560 SQL Injection in NesterSoft WorkTime

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

6AI score0.00251EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 10:48 a.m.6 views

CVE-2025-15560

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

6.2AI score0.00251EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/02/19 10:48 a.m.28 views

CVE-2025-15560 SQL Injection in NesterSoft WorkTime

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

0.00251EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 10:48 a.m.19 views

CVE-2025-15560

CVE-2025-15560 : An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server “widget” API endpoint to inject SQL queries. If the backend uses Firebird , the attacker can retrieve all data from the database. If the backend uses MSSQL , the attacker can exe...

8.8CVSS6.2AI score0.00251EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/19 10:45 a.m.4 views

CVE-2025-15559 Unauthenticated OS Command Injection in NesterSoft WorkTime

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

5.9AI score0.00441EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 10:45 a.m.33 views

CVE-2025-15559 Unauthenticated OS Command Injection in NesterSoft WorkTime

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

0.00441EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 10:45 a.m.5 views

CVE-2025-15559

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

6.1AI score0.00441EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/19 10:45 a.m.18 views

CVE-2025-15559

Summary: CVE-2025-15559 affects NesterSoft WorkTime. An unauthenticated OS command injection in the server API endpoint used to generate/download the WorkTime client (parameter: “guid”) allows execution of arbitrary commands on the WorkTime server with NT AUTHORITY\SYSTEM privileges, potentially ...

9.8CVSS6.1AI score0.00441EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.9 views

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an SQL injection vulnerability in the widget API endpoint. This vulnerability could lead to data leaks or the execution of arbitrary...

8.8CVSS6.1AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an OS command injection vulnerability in the server API endpoint GUID parameter. This vulnerability could allow for the execution of...

9.8CVSS6AI score0.00441EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20798

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

6.1AI score0.00441EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.15 views

PT-2026-20799

An authenticated attacker with minimal permissions can exploit a SQL injection in the WorkTime server "widget" API endpoint to inject SQL queries. If the Firebird backend is used, attackers are able to retrieve all data from the database backend. If the MSSQL backend is used the attacker can...

6.2AI score0.00251EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from improper encoding or filtering of data at the internet/urls endpoint, which may lead to cross-site scripting attacks...

6.1CVSS5.6AI score0.00156EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from a flaw in the monitoring of the daemon’s update behavior, potentially leading to an increase in local privileges...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability that stems from unauthorized inspections, which may lead to the resetting of database configurations...

5.3CVSS5.8AI score0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.24 views

PT-2026-20802

Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here...

5.5AI score0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.49 views

PT-2026-20800

An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT AuthoritySYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:ProgramDatawtaClientExe directory, which is writable by "Everyone". The executable...

5.6AI score0.00104EPSS
Exploits0References1
Rows per page
Query Builder