72 matches found
EUVD-2022-49684
Malicious code in bioql PyPI...
EUVD-2022-49686
Malicious code in bioql PyPI...
EUVD-2022-49685
Malicious code in bioql PyPI...
EUVD-2022-49683
Malicious code in bioql PyPI...
The vulnerability of Websoft HCM’s automation software for HR processes stems from the use of open redirection. This allows attackers to redirect users to any arbitrary URL address.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect users to any arbitrary URL address from a remote location...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by sending specially crafted HTTP requests remotely...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of measures taken to protect the website structure, allowing attackers to carry out XSS attacks.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks by injecting specially crafted JavaScript code into HTML pages...
PT-2025-32187 · "Вебсофт Девелопмент" · Websoft Hcm
Уязвимость программного обеспечения автоматизации HR-процессов Websoft HCM связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию...
CVE-2022-46905
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an unauthenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
CVE-2022-46904
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Self-XSS...
CVE-2022-46903
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Stored XSS...
CVE-2022-46906
Insufficient processing of user input in WebSoft HCM 2021.2.3.327 allows an authenticated attacker to inject arbitrary HTML tags into the page processed by the user's browser, including scripts in the JavaScript programming language, which leads to Reflected XSS...
PT-2025-28933 · Ооо "Вебсофт Девелопмент" · Websoft Hcm
Уязвимость программного обеспечения автоматизации HR-процессов Websoft HCM связана с несоответствием ответов на входящие запросы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть защищаемую информацию...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute the displayed HTML code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary reflected HTML code remotely...
The vulnerability of Websoft HCM’s automation software for HR processes stems from incorrect restrictions on the path to the restricted catalog. This allows attackers to disclose protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to disclose protected information...
The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to execute the displayed HTML code.
The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability allows a malicious actor to execute arbitrary HTML code by sending a specially crafted POST request...
The vulnerability of Websoft HCM’s automation software for HR processes allows attackers to execute cross-site scripting attacks (XSS).
The vulnerability of Websoft HCM’s automation software for HR processes is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
The vulnerability of Websoft HCM’s automation software for HR processes stems from improper path handling, allowing attackers to perform arbitrary file operations outside of the directory.
The vulnerability of Websoft HCM’s automation software for HR processes arises from improper handling of paths during the loading of specially crafted files. Exploiting this vulnerability allows an attacker to perform arbitrary file operations outside the directory...
PT-2025-1064 · Websoft · Websoft Hcm
Name of the Vulnerable Software and Affected Versions: Websoft HCM affected versions not specified Description: The issue is related to incorrect path traversal when loading specially crafted files, allowing a remote attacker to perform arbitrary file operations outside the directory...
PT-2024-41135 · Ооо "Вебсофт Девелопмент" · Websoft Hcm
Уязвимость программного обеспечения автоматизации HR-процессов Websoft HCM связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный отраженный HTML-код...