7 matches found
Jorani Leave Management 0.6.5 - startdate SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Jorani Leave Management 0.6.5 – 'startdate' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Benjamin BALET Software Link: https://jorani.org/download.html Affected Version: 0.6.5 and possibly...
Jorani Leave Management 0.6.5 - (Authenticated) startdate SQL Injection
Jorani Leave Management 0.6.5 - Authenticated startdate SQL Injection Exploit Title: Jorani Leave Management 0.6.5 – 'startdate' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-09-06 Google Dork: N/A Vendor: Benjamin BALET Software Link:...
Jorani Leave Management System 0.6.5 SQL Injection
Exploit Title: Jorani Leave Management 0.6.5 a 'startdate' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-09-06 Google Dork: N/A Vendor: Benjamin BALET Software Link: https://jorani.org/download.html Affected Version: 0.6.5 and possibly before Patched...
Jorani Leave Management 0.6.5 - (Authenticated) 'startdate' SQL Injection
Exploit Title: Jorani Leave Management 0.6.5 – 'startdate' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-09-06 Google Dork: N/A Vendor: Benjamin BALET Software Link: https://jorani.org/download.html Affected Version: 0.6.5 and possibly before Patched...
CVE-2018-15918
creationtimestamp| type| source ---|---|--- 2018-09-06 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45340...
CVE-2018-15918
An issue was discovered in Jorani 0.6.5. SQL Injection error-based allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate...
CVE-2018-15918
CVE-2018-15918 affects Jorani Leave Management System 0.6.5 (and possibly earlier). A SQL Injection (error-based) flaw exists in the startdate and enddate parameters of the POST /leaves/validate endpoint, allowing an attacker to read and modify sensitive data in the application’s database. Public...