- Description
- mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- mjobtime
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-602
- Hype score
- Not currently trending
CVE-2025-51682 mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Addition… https://t.co/yEJTfRXd4C
@CVEnew
1 Dec 2025
180 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We've published technical details for CVE-2025-51682 and CVE-2025-51683 – two vulnerabilities in the time management software mJobTime that lead to unauthenticated RCE via SQLi by @dario_weiss: https://t.co/CP9sNeRdQH
@InfoGuard_Labs
25 Nov 2025
190 Impressions
2 Retweets
5 Likes
3 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mjobtime:mjobtime:15.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0C873D-A6A8-4FB3-A7AC-07DBC8ED72A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]