Sensitive Information Exposure in Employee Timeclock Software by Timeclock Software
CVE-2010-0123

Currently unrated

Key Information:

Vendor

Timeclock-software

Status
Employee Timeclock Software
Vendor
CVE Published:
15 March 2010

What is CVE-2010-0123?

The Employee Timeclock Software version 0.99 has a vulnerability where its database backup feature stores sensitive information within the web root directory without adequate access control. This design flaw allows remote attackers to exploit this weakness and download the database by making direct requests using a semi-predictable file name, thereby leading to potential unauthorized access to sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/38739
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/509990/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.osvdb.org/62833
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.