SQL Injection Vulnerabilities in Truworth Flex Timesheet Login Form

SQL Injection Vulnerabilities in Truworth Flex Timesheet Login Form

CVE-2010-4797 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.