MidnightBSD

Advisories for carey_briggs

CVE-2006-0692 HIGH

Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
carey_briggs php_mysql_timesheet 2
carey_briggs php_mysql_timesheet 1