mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 19:16:22 +00:00
818 B
818 B
CVE-2020-14982
Description
A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later before 4.0 (affecting the com.threeis.webta.H352premPayRequest servlet's SortBy parameter) allows an attacker with the Employee, Supervisor, or Timekeeper role to read sensitive data from the database.
POC
Reference
- https://www.mindpointgroup.com/blog/webta-sqli-vulnerability/
- https://www.mindpointgroup.com/blog/webta-sqli-vulnerability/
Github
No PoCs found on GitHub currently.