VYPR

Zen Time Tracking

by Zentracking

CVEs (1)

  • CVE-2010-1053Mar 23, 2010
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php. NOTE: some of…