8 matches found
EUVD-2023-34145
Malicious code in bioql PyPI...
CVE-2022-48118
Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Acronym parameter...
CVE-2022-34132
Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php...
CVE-2022-34134
Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /application/controllers/Users.php...
CVE-2022-34133
Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Comment parameter at application/controllers/Leaves.php...
CVE-2022-34132
Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php...
PT-2022-22018 · Benjamin Balet · Jorani
Name of the Vulnerable Software and Affected Versions: Benjamin BALET Jorani version 1.0
Description: The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the Comment parameter at the application/controllers/Leaves.php endpoint.
Recommendations...
PT-2022-22019 · Benjamin Balet · Jorani
Name of the Vulnerable Software and Affected Versions: Benjamin BALET Jorani version 1.0
Description: The issue is related to a Cross-Site Request Forgery (CSRF) in the component /application/controllers/Users.php. This allows for unauthorized actions to be performed on behalf of a user without the...