Lucene search
K
ScshrHr Portal

7 matches found

CVE
CVE
added 2025/06/06 9:19 a.m.58 views

CVE-2025-48780

CVE-2025-48780 affects Soar Cloud HRD Human Resource Management System prior to version 7.3.2025.0408. A deserialization vulnerability in the download file function allows remote attackers to execute arbitrary system commands via a crafted serialized object. Public metrics list a critical impact ...

9.9CVSS7.6AI score0.0046EPSS
CVE
CVE
added 2025/06/06 9:27 a.m.55 views

CVE-2025-48783

CVE-2025-48783 describes an external control of file name or path in the delete file function of Soar Cloud HRD Human Resource Management System, affected up to version 7.3.2025.0408. The vulnerability allows remote attackers to delete partial files by specifying arbitrary file paths. Exploitatio...

8.8CVSS6.8AI score0.0033EPSS
CVE
CVE
added 2025/06/06 9:21 a.m.54 views

CVE-2025-48781

The CVE-2025-48781 issue affects Soar Cloud HRD Human Resource Management System, specifically versions prior to and including 7.3.2025.0408. The vulnerability is an external control of file name or path in the download file function, enabling remote attackers to obtain partial files by specifyin...

8.7CVSS6.8AI score0.0038EPSS
CVE
CVE
added 2025/06/06 9:28 a.m.54 views

CVE-2025-48784

CVE-2025-48784 affects Soar Cloud HRD Human Resource Management System prior to version 7.3.2025.0408. The vulnerability is a missing authorization issue that allows remote attackers to modify system settings without prior authorization. Public references (NVD, Red Hat, PTSecurity, CVE lists) con...

8.8CVSS6.6AI score0.00316EPSS
CVE
CVE
added 2025/06/06 9:15 a.m.54 views

CVE-2025-5192

Affected software: Soar Cloud HRD Human Resource Management System (client application) up to version 7.3.2025.0408. Vulnerability: Missing authentication for a critical function, allowing remote attackers to bypass authentication and access application functions. Root cause / details: Described ...

9.3CVSS7.1AI score0.00444EPSS
CVE
CVE
added 2025/06/06 9:24 a.m.53 views

CVE-2025-48782

Soar Cloud HRD Human Resource Management System (Soar Cloud HRMS) is affected up to version 7.3.2025.0408. The vulnerability is an unrestricted upload of files with dangerous types in the upload file function, enabling remote command execution by a malicious file. The connected sources consistent...

9.9CVSS7.5AI score0.00441EPSS
CVE
CVE
added 2023/09/07 2:0 a.m.42 views

CVE-2023-34357

Soar Cloud Ltd. HR Portal is affected by CVE-2023-34357 due to a weak password recovery mechanism: the password-reset link sent by email remains valid after a reset and past its expiration, enabling an attacker who can access the link (e.g., via browser history) to reuse it and change the passwor...

7.8CVSS7.7AI score0.00169EPSS