2 matches found
CVE-2008-1415
CVE-2008-1415 affects the web app component index.php in Multiple Time Sheets (MTS) 5.0 and earlier. The vulnerability is a directory traversal through the tab parameter, using modified dot-dot sequences ("../..//"), allowing remote attackers to read arbitrary files. The provided documents do not...
CVE-2008-1414
CVE-2008-1414 : The vulnerability affects Multiple Time Sheets (MTS) 5.0 and earlier. A cross-site scripting (XSS) flaw exists where an attacker can inject arbitrary script or HTML via the tab parameter to index.php, or to clientinfo.php, invoices.php, smartlinks.php, and todo.php, demonstrated b...