12 matches found
PersonManage 安全漏洞
PersonManage is a personnel management system by jinguomin personal developer. A security vulnerability exists in PersonManage, which stems from an arbitrary file download issue in the document lookup function...
PT-2022-24210 · Unknown · Le-Yan Personnel/Salary Management System
Name of the Vulnerable Software and Affected Versions: Le-yan Personnel and Salary Management System affected versions not specified Description: The issue concerns hard-coded database account and password within the website source code. This allows an unauthenticated remote attacker to access,...
OrangeHRM Referer header injection redirection vulnerability
Orangehrm is a human resource management system HRM from Orangehrm USA. The system supports personnel information management, leave management, time and attendance management and recruitment management, etc. Orangehrm version 4.10 has a Referer header injection redirection vulnerability, no...
Orangehrm SQL Injection Vulnerability (CNVD-2021-01999)
Orangehrm is a human resource management system HRM from Orangehrm, USA. The system supports personnel information management, leave management, attendance management and recruitment management. OrangeHRM versions prior to 4.6.0.1 suffer from a SQL injection vulnerability that stems from the...
SQL Injection Vulnerability in Personnel Management System of Jiangxi Huidangjia Information Technology Co.
Jiangxi Huidangjia Information Technology Co., Ltd. is a technology enterprise engaged in the research, development and sales of management information technology products. A SQL injection vulnerability exists in the personnel management system of Jiangxi Huidangjia Information Technology Co. An...
File Upload Vulnerability in Baidu Deep Blue Alliance Personnel Management System
Baidu Deep Blue Alliance personnel management system is an OA system project. A file upload vulnerability exists in the Baidu Deep Blue Alliance Personnel Management System, which can be exploited by an attacker to gain control of the server...
SQL Injection Vulnerability in Personnel Management System of Coolidge University
Coolidge College Personnel Management System Software is a software for college personnel management business. There is a SQL injection vulnerability in the Kuchi College Personnel Management System that can be exploited by attackers to obtain sensitive information from the database...
HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak
IT services provider HCL Technologies has inadvertently exposed passwords, sensitive project reports and other private data of thousands of customers and internal employees on various public HCL subdomains. HCL, an $8 billion conglomerate with more than 100,000 employees, specializes in...
“There Are No Hackers, There Are Only Spies”
In December 2015, I opened a letter from the Office of Personnel Management. The OPM oversees healthcare and insurance programs, administers retirement and benefit services, and assists federal agencies in hiring new employees and providing federal investigative services for background checks. Th...
White House Hires First Federal CISO
The White House announced yesterday it has hired retired Brigadier General Gregory J. Touhill, right, to serve as the first federal chief information security officer. Touhill will be responsible for setting policies, strategies and practices across federal agencies. According to a White House bl...
Stolen U.S. Government Credentials Found Online
Credentials stolen in breaches and sundry hacks belonging to close to 100 unique U.S. government domains are scattered among a number of paste sites and are searchable in other locations online. Analysts at Recorded Future said on Wednesday that through open source intelligence gathering and...
Anthem Refuses Audit Following Massive Breach
UPDATED–Anthem has refused to undergo vulnerability scans and configuration compliance tests in the aftermath of a breach that may have ultimately leaked the personal information of nearly 100 million customers and non-customers. The health insurance giant reportedly turned down an audit of its...