193 matches found
CVE-2024-29871
CVE-2024-29871 affects Sentrifugo 3.2. The SQL injection vulnerability resides in the API endpoint /sentrifugo/index.php/index/getdepartments/sentrifugo/index.php/index/updatecontactnumber via the id parameter, potentially allowing a remote attacker to craft queries and extract data. Exploitation...
CVE-2024-29870 SQL injection vulnerability in Sentrifugo
SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter./sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter. The exploitation of this vulnerability could allow a remote user to send a speciall...
CVE-2024-29870 SQL injection vulnerability in Sentrifugo
SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter./sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter. The exploitation of this vulnerability could allow a remote user to send a speciall...
CVE-2024-29870
CVE-2024-29870 affects Sentrifugo 3.2. The vulnerability is a SQL injection in the endpoint /sentrifugo/index.php/index/getdepartments/format/html, exploiting the business_id parameter. This could allow a remote attacker to craft a query to extract data from the database. The root cause is lack o...
PT-2024-23099 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A SQL injection vulnerability exists in Sentrifugo, allowing a remote user to send a specially crafted query to the server and extract all the data from it. This issue is related to the...
PT-2024-23096 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...
Sentrifugo 跨站脚本漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. Sentrifugo version 3.2 suffers from a cross-site scripting vulnerability that stems from the lack of effective...
Sentrifugo SQL注入漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a lack of validation of...
Sentrifugo SQL注入漏洞
Sentrifugo is a human resource management system. The system includes features such as human resource management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a SQL injection vulnerability...
Sentrifugo SQL注入漏洞
Sentrifugo is a human resource management system. The system includes features such as human resource management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from a SQL injection vulnerability...
PT-2024-23095 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...
PT-2024-23101 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A Cross-Site Scripting XSS issue exists, allowing a remote user to send a specially crafted URL to the victim and steal their session data. This is achieved through the...
PT-2024-23098 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It affects the /sentrifugo/index.php/default/reports/activeuserrptpdf API endpoint, specifically the sort name parameter. This vulnerability could allo...
Sentrifugo 安全漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...
Sentrifugo SQL注入漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...
PT-2024-23094 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: The issue is related to a SQL injection vulnerability. It could allow a remote user to send a specially crafted query to the server and extract all the data from it. The vulnerability is exploited through t...
Sentrifugo SQL注入漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which originates from the lack of validation of...
Sentrifugo SQL注入漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A SQL injection vulnerability exists in Sentrifugo version 3.2, which stems from a missing id parameter in the...
PT-2024-23102 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A Cross-Site Scripting XSS issue exists in Sentrifugo, specifically through the /sentrifugo/index.php/sitepreference/add endpoint, where the description parameter is vulnerable. This could allow a remote us...
Sentrifugo 跨站脚本漏洞
Sentrifugo is a human resource management system. The system includes functions for human resources management, performance appraisal, recruitment management and asset management. A cross-site scripting vulnerability exists in Sentrifugo version 3.2, which stems from the lack of effective filteri...