Vulnerabilities > Online Project Time Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-07 | CVE-2022-26627 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Project Time Management System Project Online Project Time Management System 1.0 Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file. | 6.8 |
| 2022-03-16 | CVE-2022-26293 | SQL Injection vulnerability in Online Project Time Management System Project Online Project Time Management System 1.0 Online Project Time Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the function save_employee at /ptms/classes/Users.php. | 7.5 |
| 2022-03-16 | CVE-2022-26295 | Cross-site Scripting vulnerability in Online Project Time Management System Project Online Project Time Management System 1.0 A stored cross-site scripting (XSS) vulnerability in /ptms/?page=user of Online Project Time Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user name field. | 3.5 |
| 2022-01-24 | CVE-2021-46451 | SQL Injection vulnerability in Online Project Time Management System Project Online Project Time Management System 1.0 An SQL Injection vulnerabilty exists in Sourcecodester Online Project Time Management System 1.0 via the pid parameter in the load_file function. | 7.5 |