MidnightBSD

Advisories for enterprise_payroll_systems

CVE-2006-2982 HIGH

Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2) admin/footer.php.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
enterprise_payroll_systems enterprise_payroll_systems 1.01_alpha
enterprise_payroll_systems enterprise_payroll_systems 1.1
enterprise_payroll_systems enterprise_payroll_systems 1.0_alpha
CVE-2006-2983 HIGH

PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
enterprise_payroll_systems enterprise_payroll_systems 1.01_alpha
enterprise_payroll_systems enterprise_payroll_systems 1.1
enterprise_payroll_systems enterprise_payroll_systems 1.0_alpha