394 matches found
CVE-2025-5192
A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions...
CVE-2025-48782
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file...
CVE-2025-5192
A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions...
CVE-2025-48784
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization...
CVE-2025-48780
A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a crafted serialized object...
CVE-2025-48781
An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...
CVE-2025-48784 Soar Cloud HRD Human Resource Management System - Missing Authorization
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization...
CVE-2025-48784
CVE-2025-48784 affects Soar Cloud HRD Human Resource Management System prior to version 7.3.2025.0408. The vulnerability is a missing authorization issue that allows remote attackers to modify system settings without prior authorization. Public references (NVD, Red Hat, PTSecurity, CVE lists) con...
CVE-2025-48784 Soar Cloud HRD Human Resource Management System - Missing Authorization
A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization...
CVE-2025-48783 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path
An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by specifying arbitrary file paths...
CVE-2025-48783
CVE-2025-48783 describes an external control of file name or path in the delete file function of Soar Cloud HRD Human Resource Management System, affected up to version 7.3.2025.0408. The vulnerability allows remote attackers to delete partial files by specifying arbitrary file paths. Exploitatio...
CVE-2025-48783 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path
An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by specifying arbitrary file paths...
CVE-2025-48782 Soar Cloud HRD Human Resource Management System - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file...
CVE-2025-48782
Soar Cloud HRD Human Resource Management System (Soar Cloud HRMS) is affected up to version 7.3.2025.0408. The vulnerability is an unrestricted upload of files with dangerous types in the upload file function, enabling remote command execution by a malicious file. The connected sources consistent...
CVE-2025-48782 Soar Cloud HRD Human Resource Management System - Unrestricted Upload of File with Dangerous Type
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file...
CVE-2025-48781 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path
An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...
CVE-2025-48781 Soar Cloud HRD Human Resource Management System - External Control of File Name or Path
An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths...
CVE-2025-48781
The CVE-2025-48781 issue affects Soar Cloud HRD Human Resource Management System, specifically versions prior to and including 7.3.2025.0408. The vulnerability is an external control of file name or path in the download file function, enabling remote attackers to obtain partial files by specifyin...
CVE-2025-48780 Soar Cloud HRD Human Resource Management System - Deserialization of Untrusted Data
A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a crafted serialized object...
CVE-2025-48780
CVE-2025-48780 affects Soar Cloud HRD Human Resource Management System prior to version 7.3.2025.0408. A deserialization vulnerability in the download file function allows remote attackers to execute arbitrary system commands via a crafted serialized object. Public metrics list a critical impact ...