19 matches found
CVE-2024-40324
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering in document display functions, allows a perpetrator to execute arbitrary JavaScript code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering in document display functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering in image display functions, allows a perpetrator to execute arbitrary code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering in image display functions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted HTML page...
The vulnerability of the E-Staff automated recruitment process system, related to errors in data filtering during object updates, allows a perpetrator to execute arbitrary JavaScript code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during object updates. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...
The vulnerability of the E-Staff automation system for recruitment processes is related to errors in XML data filtering during document printing, allowing a perpetrator to execute arbitrary commands.
The vulnerability of the E-Staff recruitment process automation system is related to errors in XML data filtering during document printing. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary commands by sending a specially crafted XML document...
The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a perpetrator to execute arbitrary code.
The vulnerability of the E-Staff recruitment automation system is related to data filtering errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted HTML page...
The vulnerability of the E-Staff automated recruitment process system, related to data filtering errors, allows a perpetrator to compromise the integrity and accessibility of the protected information.
The vulnerability of the E-Staff recruitment automation system is related to errors in data filtering. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the integrity and accessibility of the protected information...
The vulnerability of the E-Staff automation system for recruitment processes lies in errors during data filtering when fields of objects are modified. This allows a malicious individual to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when fields of objects are modified. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and execute arbitrary...
The vulnerability of the E-Staff automation system for recruitment processes is related to errors in data filtering when fields of objects are changed. This allows a perpetrator to execute arbitrary commands.
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering when fields of objects are modified. Exploiting this vulnerability allows a malicious actor to bypass security measures and execute arbitrary commands by writing web slugs...
PT-2024-41182 · Ооо 'Датэкс Софтвер' · E-Staff
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering in image display functions. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially crafted HTML page...
PT-2024-41179 · Ооо 'Датэкс Софтвер' · E-Staff
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
PT-2024-41184 · Ооо 'Датэкс Софтвер' · E-Staff
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering in document display functions. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary JavaScript code...
PT-2024-41188 · Ооо 'Датэкс Софтвер' · E-Staff
The vulnerability of the E-Staff recruitment process automation system is related to errors in data filtering during file conversion. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information and escalate their privileges...
CVE-2024-40324
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation...
CVE-2024-40324
CVE-2024-40324: A CRLF injection vulnerability in E-Staff v5.1 allows CR/LF characters in input fields, enabling HTTP response splitting and header manipulation. Affected: E-Staff 5.1. Underlying issue: CRLF injection in input handling. Impact per sources is header-related and could influence res...
E-Staff security vulnerability
E-Staff is a reliable recruiting tool from the Russian company E-Staff, a modern integrated recruiting solution that runs on servers or in the cloud, with a wide range of integration features with any systems and services. A security vulnerability exists in E-Staff version 5.1. An attacker exploiting...
CVE-2024-40324
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation...
CVE-2024-40324
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation...
PT-2024-28806 · E-Staff · E-Staff
Name of the Vulnerable Software and Affected Versions: E-Staff version 5.1
Description: A CRLF injection issue allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation.
Recommendations: For E-Staff...