Описание
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly.
Ссылки
- Product
- https://labs.infoguard.ch/advisories/cve-2025-51682_cve-2025-51683_time_management_softare_sqli-rce/ExploitThird Party Advisory
- https://labs.infoguard.ch/advisories/cve-2025-51682_cve-2025-51683_time_management_softare_sqli-rce/ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:mjobtime:mjobtime:15.7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00103
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-602
Связанные уязвимости
CVSS3: 9.8
github
2 месяца назад
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly.
EPSS
Процентиль: 29%
0.00103
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-602