Vulnerabilities > CVE-2006-0691 - Input Validation vulnerability in Scheduling Management.Com Time Tracking Software 3.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
scheduling-management-com
exploit available
NVD
Published: 2006-02-15
Updated: 2018-10-19

Summary

edituser.php in TTS Time Tracking Software 3.0 does not verify that the name and password are correct, which allows remote attackers to overwrite arbitrary data belonging to any account.

Vulnerable Configurations

Part Description Count
Application
Scheduling_Management.Com
1

Exploit-Db

descriptionTTS Software Time Tracking Software 3.0 Edituser.PHP Access Validation Vulnerability. CVE-2006-0691. Webapps exploit for php platform
idEDB-ID:27250
last seen2016-02-03
modified2006-02-20
published2006-02-20
reporterAliaksandr Hartsuyeu
sourcehttps://www.exploit-db.com/download/27250/
titleTTS Software Time Tracking Software 3.0 Edituser.PHP Access Validation Vulnerability

References