This site is soon to be deprecated by

Wednesday, May 26, 2010

Pacific Timesheet 6.74 Cross-site Request Forgery

A cross-site request forgery vulnerability in Pacific Timesheet 6.74 can be exploited via GET request to create a new admin.

<img src="http://localhost/timesheet/user/" />


  1. This has been fixed in Pacific Timesheet 6.74 Build 363. Please contact for download information.

  2. I was looking for a good article about project management, increasing my firm’s turnover , overall effectiveness and how to run them effeciently by implementing time management systems like that of timesheet ...Nice article ...It is always better to spend some good time reading on a good article Your's is one among that…. great work..GO ahead..

  3. Thank you for the info. It sounds pretty user friendly. I guess I’ll pick one up for fun. thank u
    Timesheet Management System