CVE-2012-10047P2CRITICALCVSS 10.0PoCv6.02025-08-08
CVE-2012-10047 [CRITICAL] CWE-89 CVE-2012-10047: Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its lo
Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a malicious PHP file on disk, resulting in remote code e
nvd