4 matches found
EUVD-2025-31031
Malicious code in bioql PyPI...
CVE-2025-48869 Horilla Unauthorized Access to Candidate Resume Files Due to Broken Access Control
Horilla is a free and open source Human Resource Management System HRMS. Unauthenticated users can access uploaded resume files in Horilla 1.3.0 by directly guessing or predicting file URLs. These files are stored in a publicly accessible directory, allowing attackers to retrieve sensitive...
PT-2025-39308
Name of the Vulnerable Software and Affected Versions Horilla version 1.3.0 Description Horilla is a Human Resource Management System HRMS. Unauthenticated users can access uploaded resume files by directly guessing or predicting file URLs. These files are stored in a publicly accessible director...
CVE-2022-2544
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes...