Lucene search
K

7 matches found

CNNVD
CNNVD
added 2022/09/13 12:0 a.m.3 views

Synel Eharmonynew 跨站脚本漏洞

Synel Eharmonynew is a time and attendance system from Synel Israel. A security vulnerability exists in Synel Eharmonynew. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...

6.5CVSS5.5AI score0.00363EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/28 12:0 a.m.4 views

Synel Eharmonynew 路径遍历漏洞

Synel Eharmonynew is an attendance system from Synel Israel. Synel Eharmonynew suffers from a path traversal vulnerability that could allow an attacker to return to the root directory and open host files...

7.5CVSS7.4AI score0.01023EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/01/28 12:0 a.m.6 views

Synel Eharmonynew 跨站脚本漏洞

Synel Eharmonynew is an attendance system from Synel Israel. Synel Eharmonynew suffers from a cross-site scripting vulnerability that allows an attacker to inject JS code into the comments field and could lead to potential cookie theft, HTML markup, and JS code being loaded into the system...

6.6CVSS5.5AI score0.00382EPSS
Exploits0References2
OSV
OSV
added 2021/12/08 8:15 p.m.3 views

CVE-2021-36718

SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data Employee name, Employee ID number, Working hours etc' The vulnerabilety has been addressed and fixed on version 11. Default credentials ,...

6.5CVSS6.6AI score0.00548EPSS
Exploits0References1
Prion
Prion
added 2021/12/08 8:15 p.m.17 views

Default credentials

SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data Employee name, Employee ID number, Working hours etc' The vulnerabilety has been addressed and fixed on version 11. Default credentials ,...

6.8CVSS6.4AI score0.00548EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2021/12/08 7:25 p.m.27 views

CVE-2021-36718 SYNEL - eharmonynew / Synel Reports version 8.0.2 Default credentials , Security miscommunication , Sensetive data exposure

SYNEL - eharmonynew / Synel Reports - The attacker can log in to the system with default credentials and export a report of eharmony system with sensetive data Employee name, Employee ID number, Working hours etc' The vulnerabilety has been addressed and fixed on version 11. Default credentials ,...

6.1CVSS6.6AI score0.00548EPSS
Exploits0References1
CVE
CVE
added 2021/12/08 7:25 p.m.37 views

CVE-2021-36718

CVE-2021-36718 affects SYNEL eharmonynew and Synel Reports. Public docs confirm an authentication issue where attackers can log in with default credentials to export reports containing sensitive data (employee name, ID, hours worked). Affected versions include Synel eharmonynew prior to version 1...

6.8CVSS6.3AI score0.00548EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder