Bold Workplanner Insecure Direct Object Reference Vulnerability (CNVD-2025-24046)

Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access calendar details using an unauthorized internal...

BOLD Workplanner 安全漏洞

Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access calendar details using an unauthorized internal...

Bold Workplanner 安全漏洞

Bold Workplanner is an enterprise software for human resource management from the Spanish company Bold Workplanner. Bold Workplanner suffers from an insecure direct object reference vulnerability that can be exploited by an attacker to access basic employee details using an unauthorized internal...

PT-2025-34222 · Jsherp · Jsherp

Name of the Vulnerable Software and Affected Versions: jshERP version 3.5 Description: An incorrect access control issue exists in the controllerResourceController.java component of jshERP version 3.5. This allows unauthorized attackers to obtain all corresponding ID data by modifying the ID valu...

CVE-2025-8790

A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been declared as critical. This vulnerability affects unknown code of the file /module/Api/pessoa of the component API Endpoint. The manipulation of the argument ID leads to improper authorization. The attack can be initiated...