Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

anuko — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting anuko. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Anuko is primarily a time tracking and employee scheduling application with additional project management features. Historically, it has been vulnerable to multiple remote code execution flaws, cross-site scripting (XSS) attacks, and privilege escalation issues, often stemming from insufficient input validation and insecure session management. The application's vulnerabilities have allowed attackers to execute arbitrary code, steal session cookies, and gain unauthorized administrative access. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities across multiple versions highlights ongoing security challenges in its web interface and database interaction components.

Top products by anuko: timetracker
CVE IDTitleCVSSSeverityPublished
CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker — timetrackerCWE-89 8.2 High2023-05-15
CVE-2023-32306 Time Tracker has Blind SQL Injection Vulnerability in Reports — timetrackerCWE-89 8.8 High2023-05-12
CVE-2023-32066 Time Tracker has Stored XSS vulnerability in Week View plugin — timetrackerCWE-79 5.4 Medium2023-05-09
CVE-2022-24707 SQL injection in anuko timetracker — timetrackerCWE-89 7.4 High2022-02-23
CVE-2022-24708 Stored XSS vulnerability in anuko/timetracker — timetrackerCWE-79 6.5 Medium2022-02-23
CVE-2021-43851 SQL injection vulnerability in anuko timetracker — timetrackerCWE-89 8.1 High2021-12-21
CVE-2021-41156 Reflected XSS vulnerability — timetrackerCWE-79 6.8 Medium2021-10-18
CVE-2021-41139 Reflected XSS vulnerability in time.php — timetrackerCWE-79 8.1 High2021-10-13
CVE-2021-29436 Cross site request forgery vulnerability — timetrackerCWE-352 5.4 Medium2021-04-13
CVE-2021-21352 Predictable tokens used for password resets — timetrackerCWE-330 6.8 Medium2021-03-03
CVE-2020-15255 CSV injection in Anuko Time Tracker — timetrackerCWE-74 8.7 High2020-10-16

This page lists every published CVE security advisory associated with anuko. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.