Scheduling Management.com Time Tracking Software : Security vulnerabilities, CVEs

Copy

CVE-2006-0691

edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account.

Max CVSS

5.0

EPSS Score

13.45%

Published

2006-02-15

Updated

2018-10-19

CVE-2006-0690

Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Max CVSS

7.5

EPSS Score

0.79%

Published

2006-02-15

Updated

2018-10-19

CVE-2006-0689

Cross-site scripting (XSS) vulnerability in the Registration Form in TTS Time Tracking Software 3.0 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.

Max CVSS

4.3

EPSS Score

0.83%

Published

2006-02-15

Updated

2018-10-19

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!