CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Scheduling Management.com: Security Vulnerabilities

CVE-2006-0689

Cross-site scripting (XSS) vulnerability in the Registration Form in TTS Time Tracking Software 3.0 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.

CVSS Score

4.3

EPSS Score

0.005

Published

2006-02-15

CVE-2006-0690

Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.008

Published

2006-02-15

CVE-2006-0691

edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account.

CVSS Score

5.0

EPSS Score

0.099

Published

2006-02-15

Page 1

Vulnerabilities

Vulnerable Software

Scheduling Management.com: Security Vulnerabilities

Products

Pricing

Contact Us