SQL Injection Vulnerabilities in Employee Timeclock Software by Unknown Vendor
CVE-2010-0122

Currently unrated

Key Information:

Vendor

Timeclock-software

Status
Employee Timeclock Software
Vendor
CVE Published:
15 March 2010

What is CVE-2010-0122?

The Employee Timeclock Software version 0.99 is susceptible to multiple SQL injection vulnerabilities. This flaw allows remote attackers to craft malicious inputs via the username or password fields in auth.php and login_action.php scripts. Successful exploitation could result in execution of arbitrary SQL commands, potentially compromising the underlying database and exposing sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/38639
vdb-entryx_refsource_BID
http://secunia.com/advisories/38739
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/56799
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.