Filtered by vendor Timeclock-software
Subscriptions
Filtered by product Timeclock Software
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-37005 | 1 Timeclock-software | 1 Timeclock Software | 2026-01-30 | 7.1 High |
| TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that allows attackers to enumerate valid usernames by manipulating the 'notes' parameter. Attackers can inject conditional time delays in the add_entry.php endpoint to determine user existence by measuring response time differences. | ||||
Page 1 of 1.