Security Overview · anuko/timetracker · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

SQL Injection Vulnerability in invoices.php
GHSA-9g2c-7c7g-p58r published May 15, 2023 by anuko

Moderate
Blind SQL Injection Vulnerability in Reports
GHSA-758x-vg7g-j9j3 published May 12, 2023 by anuko

High
Stored XSS vulnerability in Week View plugin
GHSA-jw2g-8wvp-9frw published May 8, 2023 by anuko

Low
Stored XSS vulnerability in primary group name
GHSA-rgcm-xgvj-5mqh published Feb 23, 2022 by anuko

Low
UNION SQL injection and time-based blind in Puncher plugin
GHSA-wqx7-95fx-wjxj published Feb 23, 2022 by anuko

Moderate
SQL injection vulnerability in multiple files
GHSA-wx6x-6rq3-pqcc published Dec 21, 2021 by anuko

Moderate
Reflected XSS vulnerability - not checking browser_today parameter for sanity
GHSA-g9cc-m4p4-6xpc published Oct 18, 2021 by anuko

Low
Reflected XSS vulnerability in time.php
GHSA-h2v8-87c9-86cw published Oct 13, 2021 by anuko

Low
Cross site request forgery vulnerability
GHSA-pgpx-rfvj-9g4f published Apr 12, 2021 by anuko

Low
Predictable tokens used for password resets in versions prior to 1.19.24.5415
GHSA-43c9-rx4h-4gqq published Feb 27, 2021 by anuko

Critical

Learn more about advisories related to anuko/timetracker in the GitHub Advisory Database