CVE-2010-0122 in Employee Timeclock Softwareinfo

Summary

Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (b) login_action.php.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

01/04/2010

Disclosure

03/15/2010

Moderation

VulDB entry created

Entries

1: VDB-52164

CPE

ready

CWE

CWE-89 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.00330

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-0122
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-0122
CVE Details	https://www.cvedetails.com/cve/CVE-2010-0122/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!