Lucene search
K
BoldworkplannerBold Workplanner

9 matches found

CVE
CVE
added 2025/09/30 11:12 a.m.18 views

CVE-2025-41092

Summary: CVE-2025-41092 affects Bold Workplanner. Vulnerability: Insecure Direct Object Reference (IDOR) due to insufficient input validation, enabling an authenticated user to access time record details via unauthorized internal identifiers. Affected versions: Bold Workplanner

7.1CVSS6.3AI score0.00234EPSS
CVE
CVE
added 2025/09/30 11:14 a.m.16 views

CVE-2025-41094

The CVE-2025-41094 issue affects Bold Workplanner. An Insecure Direct Object Reference (IDOR) exists in versions prior to 2.5.25 (4935b438f9b) due to insufficient input validation, enabling an authenticated user to access functional contract details via unauthorized internal identifiers. Multiple...

7.1CVSS6.3AI score0.00234EPSS
CVE
CVE
added 2025/09/30 11:15 a.m.16 views

CVE-2025-41095

CVE-2025-41095 affects Bold Workplanner. Affected: versions prior to 2.5.25 (4935b438f9b). Issue: insecure direct object reference (IDOR) due to insufficient validation of user input, enabling an authenticated user to access planning counter details via unauthorized internal identifiers. Impact d...

7.1CVSS6.3AI score0.00234EPSS
CVE
CVE
added 2025/09/30 11:10 a.m.14 views

CVE-2025-41091

CVE-2025-41091 concerns Bold Workplanner. Affected: Bold Workplanner prior to version 2.5.25 (4935b438f9b). Issue: Insecure Direct Object Reference (IDOR) due to insufficient input validation, enabling an authenticated user to access calendar details using unauthorized internal identifiers. Impac...

7.1CVSS6.3AI score0.00234EPSS
CVE
CVE
added 2025/09/30 11:16 a.m.14 views

CVE-2025-41097

CVE-2025-41097 affects Bold Workplanner, an enterprise HR software. The issue is an insecure direct object reference (IDOR) caused by insufficient validation of user input, allowing an authenticated user to access basic employee details using unauthorized internal identifiers. This vulnerability ...

7.1CVSS6.3AI score0.00234EPSS
CVE
CVE
added 2025/09/30 11:17 a.m.14 views

CVE-2025-41099

CVE-2025-41099 describes an insecure direct object reference in Bold Workplanner before version 2.5.25 (build 4935b438f9b). The issue arises from insufficient input validation, allowing an authenticated user to access the internal list of permissions using unauthorized internal identifiers, with ...

7.1CVSS6.3AI score0.00294EPSS
CVE
CVE
added 2025/09/30 11:18 a.m.13 views

CVE-2025-41098

CVE-2025-41098 affects Bold Workplanner. The issue is an Insecure Direct Object Reference (IDOR) resulting from misuse of the General Enquiry web service, impacting versions prior to 2.5.25 (build 4935b438f9b). Public sources across multiple databases confirm an IDOR vulnerability without exposed...

7.5CVSS6.5AI score0.00323EPSS
CVE
CVE
added 2025/09/30 11:13 a.m.12 views

CVE-2025-41093

CVE-2025-41093 affects Bold Workplanner prior to version 2.5.25. The issue is an insecure direct object reference (IDOR) caused by inadequate validation of user input, allowing an authenticated user to access basic contract details via unauthorized internal identifiers. Remediation: update to ver...

7.1CVSS6.3AI score0.00234EPSS
CVE
CVE
added 2025/09/30 11:16 a.m.11 views

CVE-2025-41096

Summary: CVE-2025-41096 is an Insecure Direct Object Reference (IDOR) in Bold Workplanner, affecting versions prior to 2.5.25. The vulnerability arises from insufficient validation of user input, allowing an authenticated user to access the dates of current contract details using unauthorized int...

7.1CVSS6.3AI score0.00234EPSS