CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

89 matches found

OSV•added 2025/09/30 11:37 a.m.•4 views

CVE-2025-41092

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to time records details using unauthorised internal identifiers...

4.3CVSS5.8AI score0.00229EPSS

Exploits0References1

NVD•added 2025/09/30 11:37 a.m.•4 views

CVE-2025-41091

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to calendar details using unauthorised internal identifiers...

7.1CVSS0.00229EPSS

Exploits0References1

NVD•added 2025/09/30 11:37 a.m.•3 views

CVE-2025-41092

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to time records details using unauthorised internal identifiers...

7.1CVSS0.00229EPSS

Exploits0References1

NVD•added 2025/09/30 11:37 a.m.•2 views

CVE-2025-41093

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic contract details using unauthorised internal identifiers...

7.1CVSS0.00229EPSS

Exploits0References1

CVE•added 2025/09/30 11:18 a.m.•12 views

CVE-2025-41098

CVE-2025-41098 affects Bold Workplanner. The issue is an Insecure Direct Object Reference (IDOR) resulting from misuse of the General Enquiry web service, impacting versions prior to 2.5.25 (build 4935b438f9b). Public sources across multiple databases confirm an IDOR vulnerability without exposed...

7.5CVSS6.5AI score0.00316EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/09/30 11:18 a.m.•4 views

CVE-2025-41098 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a misuse of the general enquiry web service...

7.1CVSS6.5AI score0.00316EPSS

Exploits0References1

Cvelist•added 2025/09/30 11:18 a.m.•5 views

CVE-2025-41098 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a misuse of the general enquiry web service...

7.1CVSS0.00316EPSS

Exploits0References1

CVE•added 2025/09/30 11:17 a.m.•10 views

CVE-2025-41099

CVE-2025-41099 describes an insecure direct object reference in Bold Workplanner before version 2.5.25 (build 4935b438f9b). The issue arises from insufficient input validation, allowing an authenticated user to access the internal list of permissions using unauthorized internal identifiers, with ...

7.1CVSS6.3AI score0.00288EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/09/30 11:17 a.m.•3 views

CVE-2025-41099 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the list of permissions using unauthorised internal identifiers...

7.1CVSS6.3AI score0.00288EPSS

Exploits0References1

Cvelist•added 2025/09/30 11:17 a.m.•4 views

CVE-2025-41099 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the list of permissions using unauthorised internal identifiers...

7.1CVSS0.00288EPSS

Exploits0References1

CVE•added 2025/09/30 11:16 a.m.•11 views

CVE-2025-41097

CVE-2025-41097 affects Bold Workplanner, an enterprise HR software. The issue is an insecure direct object reference (IDOR) caused by insufficient validation of user input, allowing an authenticated user to access basic employee details using unauthorized internal identifiers. This vulnerability ...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/09/30 11:16 a.m.•5 views

CVE-2025-41097 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic employee details using unauthorised internal identifiers...

7.1CVSS0.00229EPSS

Exploits0References1

Vulnrichment•added 2025/09/30 11:16 a.m.•2 views

CVE-2025-41097 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic employee details using unauthorised internal identifiers...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1

CVE•added 2025/09/30 11:16 a.m.•10 views

CVE-2025-41096

Summary: CVE-2025-41096 is an Insecure Direct Object Reference (IDOR) in Bold Workplanner, affecting versions prior to 2.5.25. The vulnerability arises from insufficient validation of user input, allowing an authenticated user to access the dates of current contract details using unauthorized int...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/09/30 11:16 a.m.•5 views

CVE-2025-41096 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers...

7.1CVSS0.00229EPSS

Exploits0References1

Vulnrichment•added 2025/09/30 11:16 a.m.•3 views

CVE-2025-41096 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1

Vulnrichment•added 2025/09/30 11:15 a.m.•5 views

CVE-2025-41095 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to planning counter details using unauthorised internal identifiers...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1

Cvelist•added 2025/09/30 11:15 a.m.•4 views

CVE-2025-41095 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to planning counter details using unauthorised internal identifiers...

7.1CVSS0.00229EPSS

Exploits0References1

CVE•added 2025/09/30 11:15 a.m.•12 views

CVE-2025-41095

CVE-2025-41095 affects Bold Workplanner. Affected: versions prior to 2.5.25 (4935b438f9b). Issue: insecure direct object reference (IDOR) due to insufficient validation of user input, enabling an authenticated user to access planning counter details via unauthorized internal identifiers. Impact d...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/09/30 11:14 a.m.•5 views

CVE-2025-41094 Insecure Direct Object Reference in GPS BOLD Workplanner

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to functional contract details using unauthorised internal identifiers...

7.1CVSS6.3AI score0.00229EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by