CVE-2012-2105

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
Configurations

Configuration 1 (hide)

cpe:2.3:a:peter_kovacs:timesheet_next_gen:1.5.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-09-19 19:55

Updated : 2017-08-29 01:31


NVD link : CVE-2012-2105

Mitre link : CVE-2012-2105

CVE.ORG link : CVE-2012-2105


JSON object : View

Products Affected

peter_kovacs

  • timesheet_next_gen
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')