Filtered by vendor Hr Portal Project
Subscriptions
Filtered by product Hr Portal
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22853 | 1 Hr Portal Project | 1 Hr Portal | 2024-09-17 | 5.4 Medium |
| The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing the login function not to work. | ||||
| CVE-2021-22854 | 1 Hr Portal Project | 1 Hr Portal | 2024-09-16 | 7.5 High |
| The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege. | ||||
| CVE-2021-22855 | 1 Hr Portal Project | 1 Hr Portal | 2024-09-16 | 9.8 Critical |
| The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands. | ||||
Page 1 of 1.