SQL Injection Vulnerabilities in Timesheet Next Gen 1.5.2 Login Page

SQL Injection Vulnerabilities in Timesheet Next Gen 1.5.2 Login Page

CVE-2012-2105 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.