Mjobtime

mjobtime

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Mjobtime

mjobtime

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-51683 1Mjobtime 1Mjobtime Dec 4, 2025 Dec 1, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint .
CVE-2025-51682 1Mjobtime 1Mjobtime Dec 4, 2025 Dec 1, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side...Show more mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2025-51683

1Mjobtime

Dec 4, 2025

Dec 1, 2025

N/A· v4

9.8 CRITICAL· v3

N/A· v2

A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers to execute arbitrary SQL statements via a crafted POST request to the /Default.aspx/update_profile_Server endpoint .

CVE-2025-51682