22 matches found
CVE-2024-34334
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function...
CVE-2024-34335
ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page...
CVE-2024-34336
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality...
CVE-2024-34334
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function...
CVE-2024-34336
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality...
CVE-2024-34335
ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page...
CVE-2024-34334
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function...
CVE-2024-34335
ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page...
CVE-2024-34336
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality...
ORDAT FOSS-Online security vulnerability
ORDAT FOSS-Online is an enterprise resource management solution from ORDAT. A security vulnerability exists in ORDAT FOSS-Online prior to 2.24.01, which stems from the presence of a user enumeration vulnerability that could allow an attacker to determine if an account exists in the application by...
CVE-2024-34335
ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page...
CVE-2024-34335
ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page...
CVE-2024-34336
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality...
ORDAT FOSS-Online security vulnerability
ORDAT FOSS-Online is an enterprise resource management solution from ORDAT. A security vulnerability exists in ORDAT FOSS-Online versions prior to 2.24.01, which stems from a reflected cross-site scripting (XSS) vulnerability on the login page...
CVE-2024-34334
CVE-2024-34334 affects ORDAT FOSS-Online prior to version 2.24.01. The issue is a SQL injection vulnerability exploitable via the Forgot Password function. Red Hat and other sources corroborate the impact, with the underlying flaw enabling unauthorized access to confidential data (as per CVSS and...
PT-2024-25794 · Unknown · Ordat Foss-Online
Name of the Vulnerable Software and Affected Versions: ORDAT FOSS-Online versions prior to 2.24.01 Description: A user enumeration issue exists, allowing attackers to determine if an account exists in the application by comparing server responses of the forgot password functionality...
CVE-2024-34336
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality...
CVE-2024-34335
ORDAT FOSS-Online prior to version 2.24.01 contains a reflected XSS in the login page. The CVE notes a low- to moderate-severity impact (CVSS ~6.1) with confidentiality/integrity impact and no availability impact. Affected component is ORDAT FOSS-Online login handling; root cause is a reflected X...
PT-2024-25792 · Unknown · Ordat Foss-Online
Name of the Vulnerable Software and Affected Versions: ORDAT FOSS-Online versions prior to 2.24.01 Description: The issue is related to a SQL injection vulnerability in the forgot password function. Recommendations: For versions prior to 2.24.01, update to version 2.24.01 or later to resolve the...
CVE-2024-34334
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function...