Timeclock-software Employee Timeclock Software — known CVE vulnerabilities
Every CVE whose affected-product data names Timeclock-software Employee Timeclock Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2010-0122 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the…
CVE-2010-0707 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the…
CVE-2010-0123 — CVSS 5.0 (medium): The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient…
CVE-2010-0124 — CVSS 2.1 (low): Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive…