Ultrize Timesheet vulnerabilities
2 known vulnerabilities affecting ultrize/timesheet.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-2769P3MEDIUMCVSS 6.8PoCv1.2.22009-08-14
CVE-2009-2769 [MEDIUM] CWE-94 CVE-2009-2769: PHP remote file inclusion vulnerability in include/timesheet.php in Ultrize TimeSheet 1.2.2, when re
PHP remote file inclusion vulnerability in include/timesheet.php in Ultrize TimeSheet 1.2.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[include_dir] parameter.
nvd
CVE-2009-3151P4MEDIUMCVSS 5.0PoCv1.2.22009-09-10
CVE-2009-3151 [MEDIUM] CWE-22 CVE-2009-3151: Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remo
Directory traversal vulnerability in actions/downloadFile.php in Ultrize TimeSheet 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter.
nvd