Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0584


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0584
Last Modified 05 Sep 2008 04:28:24
Published 18 Jun 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet.

Vulnerable Systems


  • Workforceroi Xpede 4.1


BUGTRAQ - 20020419 Xpede many vulnerabilities

BID - 4556

XF - xpede-timesheet-disclosure(8907)

Last Updated: 27 May 2016 10:36:59