Produkt Simplehrm (...) - CVEMAP.ORG

Podatności dla 'Simplehrm'

2020-01-27

CVE-2013-2499

CWE-200

SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie.

2014-02-28

CVE-2013-2498

CWE-89

SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM 2.3, 2.2, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php/user/setLogin.

Copyright 2024, cxsecurity.com