Lucene search
K

102 matches found

NVD
NVD
added 2025/10/13 10:15 p.m.6 views

CVE-2025-62362

gpp-burgerportaal is a Dutch government citizen portal application. In versions before 2.0.3, 3.0.2, and 4.0.1, the name and email address of employees who publish content are exposed in network responses and can be discovered by viewing the browser's developer tools network tab. This information...

6.9CVSS0.003EPSS
Exploits0References1
CVE
CVE
added 2025/10/13 9:33 p.m.11 views

CVE-2025-62362

CVE-2025-62362 affects gpp-burgerportaal, a Dutch government citizen portal. In versions prior to 2.0.3, 3.0.2, and 4.0.1, the name and email address of employees who publish content are exposed in network responses and can be discovered via browser developer tools. This is an information disclos...

6.9CVSS5.9AI score0.003EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-14352

Malware in sbrugna...

4.3CVSS4.8AI score0.00582EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-23787

Malware in sbrugna...

4.3CVSS5AI score0.00764EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-14341

Malicious code in bioql PyPI...

5.8CVSS6.4AI score0.00307EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/30 12:0 a.m.7 views

PT-2025-39978

Name of the Vulnerable Software and Affected Versions BOLD Workplanner versions prior to 2.5.25 Description An Insecure Direct Object Reference IDOR issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access...

7.1CVSS6.5AI score0.00234EPSS
Exploits0References3
HackRead
HackRead
added 2025/06/30 7:38 a.m.7 views

Ahold Delhaize Confirms Data Breach of 2.2M amid INC Ransomware Claims

Grocery giant Ahold Delhaize USA faced a major data breach affecting over 2.2 million employees. Learn what sensitive info was stolen and the ransomware group behind the Nov 2024 attack...

7.2AI score
Exploits0
HackRead
HackRead
added 2025/06/10 12:0 a.m.4 views

How LMS Software Supports Secure Online Employee Learning

Explore how learning management systems LMS software supports safe online learning, protects employee data, and ensures compliance in…...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/05/27 2:0 p.m.13 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/05/27 2:0 p.m.6 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

6.9AI score
Exploits0
HackRead
HackRead
added 2025/05/27 9:15 a.m.29 views

Everest Ransomware Leaks Coca-Cola Employee Data Online

Everest ransomware leaks Coca-Cola employee data: 1,104 files exposed, including HR, admin roles, IDs, personal details, and internal records...

7.4AI score
Exploits0
HackRead
HackRead
added 2025/05/22 10:9 p.m.44 views

Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims

Coca-Cola and its bottling partner CCEP targeted in separate cyber incidents, with the Everest ransomware gang and the Gehenna hacking group claiming data breaches involving sensitive employee and CRM data...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 p.m.11 views

CVE-2020-26805

In Sentrifugo 3.2, admin can edit employee's informations via this endpoint -- /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data from database or write...

7.2CVSS7.8AI score0.01486EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 a.m.6 views

CVE-2019-0325

SAP ERP HCM SAPHRCES , version 3, does not perform necessary authorization checks for a report that reads payroll data of employees in a certain area. Due to this under certain conditions, the user that once had authorization to payroll data of an employee, which was later revoked, may retain...

4.9CVSS6.8AI score0.00792EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/17 9:3 p.m.9 views

CVE-2024-12812

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected by an IDOR issue where employees can manipulate parameters to access the data of terminated employees...

7.5CVSS7.4AI score0.00444EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:6 p.m.21 views

CVE-2024-12812 WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected by an IDOR issue where employees can manipulate parameters to access the data of terminated employees...

0.00444EPSS
Exploits1References1
OSV
OSV
added 2025/05/15 8:6 p.m.5 views

CVE-2024-12812 WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected by an IDOR issue where employees can manipulate parameters to access the data of terminated employees...

7.5CVSS5.9AI score0.00444EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/05/15 8:6 p.m.8 views

CVE-2024-12812 WP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee Information

The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin before 1.13.4 is affected by an IDOR issue where employees can manipulate parameters to access the data of terminated employees...

7.4AI score0.00444EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:6 p.m.41 views

CVE-2024-12812

CVE-2024-12812 affects the WP ERP plugin for WordPress (WooCommerce CRM & Accounting), specifically versions prior to 1.13.4. The issue is an IDOR that lets authenticated users manipulate parameters to access data of terminated employees. The root cause is improper access control around parameter...

7.5CVSS7.4AI score0.00444EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.4 views

PT-2025-21446 · WordPress · Wp Erp

Name of the Vulnerable Software and Affected Versions: The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin versions prior to 1.13.4 Description: The issue allows employees to manipulate parameters and access the data of terminated...

7.5CVSS7.5AI score0.00444EPSS
Exploits1References5
Rows per page
Query Builder