8 matches found
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter...
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter...
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter...
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter...
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter...
CVE-2025-67102
The vulnerability described (CVE-2025-67102) affects Jorani up to version 1.0.4, specifically the alldayoffs feature. It is a SQL injection flaw exploitable by an authenticated attacker via the entity parameter, enabling arbitrary SQL execution. The provided documents do not specify affected envi...
PT-2026-20260
Name of the Vulnerable Software and Affected Versions Jorani versions prior to 1.0.5 Description A SQL injection issue exists in the alldayoffs feature of the software. An authenticated attacker can execute arbitrary SQL commands through the entity parameter. Recommendations Update to version 1.0...
CVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter...