Vulnerability Details CVE-2006-0691
edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.099
EPSS Ranking 92.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/18854
- http://www.evuln.com/vulns/69/summary.html
- http://www.securityfocus.com/archive/1/425505/100/0/threaded
- http://www.securityfocus.com/bid/16630
- http://www.securityfocus.com/bid/16731
- http://www.vupen.com/english/advisories/2006/0524
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24570
- http://secunia.com/advisories/18854
- http://www.evuln.com/vulns/69/summary.html
- http://www.securityfocus.com/archive/1/425505/100/0/threaded
- http://www.securityfocus.com/bid/16630
- http://www.securityfocus.com/bid/16731
- http://www.vupen.com/english/advisories/2006/0524
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24570
Products affected by CVE-2006-0691
-
cpe:2.3:a:scheduling_management.com:time_tracking_software:3.0