CVE-2012-2105

Publication date

2012-09-19 19:00:00

Family

redhat

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.