Lucene search
K

193 matches found

CVE
CVE
added 2024/03/21 1:46 p.m.59 views

CVE-2024-29871

CVE-2024-29871 affects Sentrifugo 3.2. The SQL injection vulnerability resides in the API endpoint /sentrifugo/index.php/index/getdepartments/sentrifugo/index.php/index/updatecontactnumber via the id parameter, potentially allowing a remote attacker to craft queries and extract data. Exploitation...

9.8CVSS9.7AI score0.00863EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/21 1:45 p.m.14 views

CVE-2024-29870 SQL injection vulnerability in Sentrifugo

SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter./sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter. The exploitation of this vulnerability could allow a remote user to send a speciall...

9.8CVSS9.7AI score0.00856EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/21 1:45 p.m.17 views

CVE-2024-29870 SQL injection vulnerability in Sentrifugo

SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter./sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter. The exploitation of this vulnerability could allow a remote user to send a speciall...

9.8CVSS9.8AI score0.00856EPSS
Exploits0References1
CVE
CVE
added 2024/03/21 1:45 p.m.69 views

CVE-2024-29870

CVE-2024-29870 affects Sentrifugo 3.2. The vulnerability is a SQL injection in the endpoint /sentrifugo/index.php/index/getdepartments/format/html, exploiting the business_id parameter. This could allow a remote attacker to craft a query to extract data from the database. The root cause is lack o...

9.8CVSS9.7AI score0.00856EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.5 views

PT-2024-23099 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A SQL injection vulnerability exists in Sentrifugo, allowing a remote user to send a specially crafted query to the server and extract all the data from it. This issue is related to the...

9.8CVSS7.5AI score0.00874EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.9 views

PT-2024-23096 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...

9.8CVSS7.5AI score0.00825EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.4 views

Sentrifugo 跨站脚本漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. Sentrifugo version 3.2 suffers from a cross-site scripting vulnerability that stems from the lack of effective...

7.1CVSS6AI score0.00502EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.3 views

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a lack of validation of...

9.8CVSS8.1AI score0.00825EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes features such as human resource management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a SQL injection vulnerability...

9.8CVSS7.8AI score0.00874EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.6 views

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes features such as human resource management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a SQL injection vulnerability...

9.8CVSS7.8AI score0.00825EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.12 views

PT-2024-23095 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...

9.8CVSS7.5AI score0.00863EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.6 views

PT-2024-23101 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A Cross-Site Scripting XSS issue exists, allowing a remote user to send a specially crafted URL to the victim and steal their session data. This is achieved through the...

7.1CVSS5.9AI score0.00502EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.5 views

PT-2024-23098 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It affects the /sentrifugo/index.php/default/reports/activeuserrptpdf API endpoint, specifically the sort name parameter. This vulnerability could allo...

9.8CVSS7.5AI score0.00874EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.4 views

Sentrifugo 安全漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...

9.8CVSS8.1AI score0.00825EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...

9.8CVSS8.1AI score0.00874EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.18 views

PT-2024-23094 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...

9.8CVSS7.5AI score0.00856EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.6 views

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...

9.8CVSS8.1AI score0.00856EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

Sentrifugo SQL注入漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which stems from a missing id parameter in the...

9.8CVSS8AI score0.00863EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.7 views

PT-2024-23102 · Unknown · Sentrifugo

Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A Cross-Site Scripting XSS issue exists in Sentrifugo, specifically through the /sentrifugo/index.php/sitepreference/add endpoint, where the description parameter is vulnerable. This could allow a remote us...

7.1CVSS6AI score0.00489EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.5 views

Sentrifugo 跨站脚本漏洞

Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A cross-site scripting vulnerability exists in Sentrifugo version 3.2, which stems from the lack of effective filteri...

7.1CVSS6.3AI score0.00489EPSS
Exploits0References2
Rows per page
Query Builder