CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2025/05/22 11:3 p.m.•6 views

CVE-2022-34134

Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...

8.8CVSS7.2AI score0.00374EPSS

Exploits0References1

CNNVD•added 2023/11/20 12:0 a.m.•3 views

Jorani Security Breach

Jorani is a leave management system developed by Benjamin BALET, an individual developer in France. It is designed to provide small organizations with a simple workflow for leave and overtime requests. A security vulnerability exists in Jorani version 1.0.2, which stems from the presence of a hos...

5.3CVSS7.1AI score0.00757EPSS

Exploits3References3

CNVD•added 2022/06/30 12:0 a.m.•17 views

Jorani Cross-Site Scripting Vulnerability (CNVD-2022-58885)

Benjamin BALET Jorani is a leave management system from the French personal developer Benjamin BALET. Designed to provide small organizations with a simple workflow for leave and overtime requests, Benjamin BALET Jorani version 1.0 contains a cross-site scripting vulnerability stemming from a lac...

4.3CVSS3.1AI score0.00502EPSS

Exploits0Affected Software1

CNVD•added 2022/06/30 12:0 a.m.•43 views

Jorani v1.0 SQL Injection Vulnerability

Jorani is a leave management system developed by Benjamin BALET, an individual developer in France. Designed to provide small organizations with a simple workflow for leave and overtime requests. Jorani v1.0 suffers from an SQL injection vulnerability that stems from a lack of valid validation in...

9.8CVSS9.7AI score0.01255EPSS

Exploits0References1

NVD•added 2022/06/28 12:15 a.m.•11 views

CVE-2022-34133

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Comment parameter at application/controllers/Leaves.php...

6.1CVSS0.00502EPSS

Exploits0References2

NVD•added 2022/06/28 12:15 a.m.•13 views

CVE-2022-34134

Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...

8.8CVSS0.00374EPSS

Exploits0References2

OSV•added 2022/06/28 12:15 a.m.•14 views

CVE-2022-34132

Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php...

9.8CVSS8.2AI score

Exploits0References2

Prion•added 2022/06/28 12:15 a.m.•11 views

Cross site scripting

Benjamin BALET Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Comment parameter at application/controllers/Leaves.php...

4.3CVSS6AI score0.00502EPSS

Exploits0References2Affected Software1

Prion•added 2022/06/28 12:15 a.m.•17 views

Cross site request forgery (csrf)

Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /application/controllers/Users.php...

6.8CVSS8.8AI score0.00374EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/06/27 11:9 p.m.•15 views

CVE-2022-34132

Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php...

10AI score0.01255EPSS

Exploits0References2

CVE•added 2022/06/27 11:9 p.m.•66 views

CVE-2022-34132

CVE-2022-34132 affects Jorani v1.0, with a SQL injection vulnerability exploitable through the id parameter in application/controllers/Leaves.php. The issue is documented across multiple feeds (NVD, CNVD, OSV, RH, CNVD mirrors) as a lack of input validation enabling access to database information...

9.8CVSS7.3AI score0.01255EPSS

Exploits0References2Affected Software1

CVE•added 2022/06/27 11:9 p.m.•61 views

CVE-2022-34134

CVE-2022-34134 affects Jorani v1.0, with a Cross-Site Request Forgery in /application/controllers/Users.php. The connected documents consistently describe CSRF risk for this version/component, with no publicly available patch/version details in the provided sources. NVD metrics indicate high impa...

8.8CVSS7.2AI score0.00374EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/06/27 11:9 p.m.•21 views

CVE-2022-34133

Jorani v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the Comment parameter at application/controllers/Leaves.php...

6.2AI score0.00502EPSS

Exploits0References2

CNNVD•added 2022/06/27 12:0 a.m.•2 views

Jorani SQL注入漏洞

9.8CVSS6AI score0.01255EPSS

Exploits0References5

Exploit DB•added 2018/09/06 12:0 a.m.•28 views

Jorani Leave Management 0.6.5 - (Authenticated) 'startdate' SQL Injection

Exploit Title: Jorani Leave Management 0.6.5 – 'startdate' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-09-06 Google Dork: N/A Vendor: Benjamin BALET Software Link: https://jorani.org/download.html Affected Version: 0.6.5 and possibly before Patched...

5.5CVSS5.8AI score0.02871EPSS

Exploits5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by