Unrated severityNVD Advisory· Published Sep 12, 2006· Updated Apr 16, 2026

CVE-2006-4705

Description

SQL injection vulnerability in login.php in dwayner79 and Dominic Gamble Timesheet (aka Timesheet.php) 1.2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.

Affected products

Dominic Gamble/Timesheet.PHP
cpe:2.3:a:dominic_gamble:timesheet.php:1.2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secaware.blogspot.com/2006/09/timesheet-121-blind-sql-injection.htmlnvd
secunia.com/advisories/21831nvd
securityreason.com/securityalert/1542nvd
www.securityfocus.com/archive/1/445603/100/0/threadednvd
www.securityfocus.com/bid/19856nvd
www.vupen.com/english/advisories/2006/3547nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000