Skip to main content

Timesheet Next Gen

2 CVEs product

Monthly

CVE-2019-1010287 MEDIUM POC PATCH This Month

Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Timesheet Next Gen
NVD
CVSS 3.0
6.1
EPSS
4.3%
CVE-2012-2105 HIGH POC This Week

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Timesheet Next Gen
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.5%
EPSS 4% CVSS 6.1
MEDIUM POC PATCH This Month

Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Timesheet Next Gen
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Timesheet Next Gen
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy