Every CVE whose affected-product data names Anuko Time Tracker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2020-27422 — CVSS 9.8 (critical): In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the…
CVE-2023-32306 — CVSS 8.8 (high): Time Tracker is an open source time tracking system. A time-based blind injection vulnerability existed in Time Tracker reports in versions…
CVE-2020-15255 — CVSS 8.7 (high): In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that…
CVE-2023-32308 — CVSS 8.2 (high): anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker…
CVE-2021-41139 — CVSS 8.1 (high): Anuko Time Tracker is an open source, web-based time tracking application written in PHP. When a logged on user selects a date in Time…
CVE-2021-43851 — CVSS 8.1 (high): Anuko Time Tracker is an open source, web-based time tracking application written in PHP. SQL injection vulnerability exist in multiple…
CVE-2020-27423 — CVSS 7.5 (high): Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on…
CVE-2022-24707 — CVSS 7.4 (high): Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind…
CVE-2021-21352 — CVSS 6.8 (medium): Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In TimeTracker before version 1.19.24.5415 tokens…
CVE-2022-24708 — CVSS 6.5 (medium): Anuko Time Tracker is an open source, web-based time tracking application written in PHP. ttUser.class.php in Time Tracker versions prior…
CVE-2023-32066 — CVSS 5.4 (medium): Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping…
CVE-2021-29436 — CVSS 5.4 (medium): Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In Time Tracker before version 1.19.27.5431 a…