CVE-2007-6217

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
04/12/2007
Last modified:
09/04/2025

Description

Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:irola:my-time:3.5:*:*:*:*:*:*:*