Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-18	CVE-2019-15130	Use of Insufficiently Random Values vulnerability in Humanica Humatrix 7 1.0.0.203/1.0.0.681 The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part POST request with a predictable WRC01_USERID parameter. network low complexity humanica CWE-330 critical	9.8