2 matches found
CVE-2026-40866
Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload...
PT-2026-33316
Name of the Vulnerable Software and Affected Versions Horilla version 1.5.0 Description An insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite, replace, or corrupt another employee's document by changing the document ID in the uploa...