SQL Injection in Cyclope-series Cyclope Employee Surveillance Solution

CVE-2012-10047

Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in the login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL…

Vulnerability class: SQL Injection

EPSS: 0.712 (98.7th percentile)

Frequently asked questions

What is CVE-2012-10047?
CVE-2012-10047 is a vulnerability in Cyclope-series Cyclope Employee Surveillance Solution, classified under SQL Injection. Published 2025-08-08.

Is CVE-2012-10047 known to be exploited?
2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.