13 matches found
CVE-2026-40865
Horilla HRMS 1.5.0 contains an insecure direct object reference in the employee document viewer. An authenticated user can access other employees’ uploaded documents by altering the document ID parameter, exposing identity documents, contracts, certificates, and other private records. The PT-2026...
CVE-2026-24039
Horilla is a free and open source Human Resource Management System (HRMS). Version 1.4.0 has Improper Access Control, allowing low-privileged employees to self-approve documents they have uploaded. The document-approval UI is intended to be restricted to administrator or high-privilege roles only;...
EUVD-2025-27516
Malicious code in bioql PyPI...
CVE-2025-9475
A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /AdminDashboard/process/editemployeeprocess.php. This manipulation of the argument employeefile201 causes unrestricted upload. The attack may be...
SQL Injection Vulnerability in Human Resource Information Management System of Beijing Hongjing Century Software Company Limited (CNVD-2024-34315)
Beijing Hongjing Century Software Co., Ltd. is a professional e-HR vendor in China. A SQL injection vulnerability exists in the human resources information management system of Beijing Hongjing Century Software Company Limited, which can be exploited by attackers to obtain sensitive information...
Number withdrawn
Soar Cloud HR Portal is a human resources application from Soar Cloud, Inc. HR is a human resources management system from individual developer Brad Wenqiang. This CVE number has been withdrawn...
Human Resource Management System security vulnerability
Human Resource Management System is a human resource management system by individual developer maverickosama. A security vulnerability exists in Human Resource Management System, which stems from an unknown part of its getstatecity.php component where manipulation of the ci parameter can lead to SQ...
Human Resource Management System security vulnerability
Human Resource Management System is a human resource management system by individual developer maverickosama. A security vulnerability exists in Human Resource Management System, which originates from an unknown handler in its Add Employee Handler component that operates on the parameters First...
File upload vulnerability in the shared human resources management system
Dongguan Same Share Software Technology Co., Ltd. is a company focused on management software development and services for manufacturing, commercial circulation, government departments, enterprises and institutions. There is a file upload vulnerability in the Same Share human...
SQL Injection Vulnerability in w** Page of Shared Human Resources Management System
Dongguan Same Share Software Technology Co., Ltd. is a company focused on management software research, development and services for manufacturing, commercial circulation, government departments, enterprises and institutions. The Same Share human resources management syste...
Arbitrary file read vulnerability in shared human resources management system
Dongguan Same Share Software Technology Co., Ltd. is a company focused on management software development and services for manufacturing, commercial circulation, government departments, enterprises and institutions. The Same Share human resources management system there are...
The vulnerability of the Candidate Gateway sub-component of the PeopleSoft Enterprise HRMS component of the Oracle PeopleSoft Products allows a perpetrator to gain access to modify, add, or delete data.
The vulnerability of the Candidate Gateway sub-component of the PeopleSoft Enterprise HRMS component of the Oracle PeopleSoft products is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete dat...
Generalized SQL Injection Vulnerability in Human Resources and Social Security System of Zhejiang Netnew Enpro Software Co.
Zhejiang Netnew Enpro Software Co., Ltd. is an enterprise dedicated to informatization construction and service of human resources social security and e-government industry. The human resources and social security system is one of the company's application systems. A generic SQL injection...