Timetrax

timetrax

Vendor: Efrotech • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-46157 1Efrotech 1Timetrax Jun 26, 2025 Jun 18, 2025 N/A· v4 9.9 CRITICAL· v3 N/A· v2 An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form
CVE-2024-39250 1Efrotech 1Timetrax Jul 8, 2025 Jul 22, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface.