Skip to content

Access Control: PHP Timeclock \<=1.04 - Cross-Site Scripting¶

Identifier: php_timeclock_xss

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

PHP Timeclock 1.04 and prior contains multiple cross-site scripting vulnerabilities via login.php, timeclock.php, reports/audit.php. and reports/timerpt.php

Reference:

https://www.exploit-db.com/exploits/49853

Configuration¶

Example¶

Example configuration:

---
security_tests:
  php_timeclock_xss:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.