VYPR
Unrated severityNVD Advisory· Published Mar 15, 2010· Updated Jun 16, 2026

CVE-2010-0123

CVE-2010-0123

Description

The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name."

Affected products

2
  • cpe:2.3:a:timeclock-software:employee_timeclock_software:0.99:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:timeclock-software:employee_timeclock_software:0.99:*:*:*:*:*:*:*
    • (no CPE)range: = 0.99

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.