Vulnerabilities > Orangehrm > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-06 | CVE-2022-27108 | Authorization Bypass Through User-Controlled Key vulnerability in Orangehrm 4.10 OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. | 4.0 |
| 2022-04-06 | CVE-2022-27109 | Open Redirect vulnerability in Orangehrm 4.10 OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability. | 4.9 |
| 2022-04-06 | CVE-2022-27110 | Open Redirect vulnerability in Orangehrm 4.10 OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint. | 4.9 |
| 2021-04-26 | CVE-2021-28399 | Unspecified vulnerability in Orangehrm 4.7 OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function. | 5.0 |
| 2021-01-05 | CVE-2020-29437 | SQL Injection vulnerability in Orangehrm SQL injection in the Buzz module of OrangeHRM through 4.6 allows remote authenticated attackers to execute arbitrary SQL commands via the orangehrmBuzzPlugin/lib/dao/BuzzDao.php loadMorePostsForm[profileUserId] parameter to the buzz/loadMoreProfile endpoint. | 5.5 |
| 2019-06-15 | CVE-2019-12839 | OS Command Injection vulnerability in Orangehrm In OrangeHRM 4.3.1 and before, there is an input validation error within admin/listMailConfiguration (txtSendmailPath parameter) that allows authenticated attackers to achieve arbitrary command execution. | 6.5 |
| 2015-01-13 | CVE-2014-100021 | Cross-site Scripting vulnerability in Orangehrm Cross-site scripting (XSS) vulnerability in symfony/web/index.php/pim/viewEmployeeList in OrangeHRM before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the empsearch[employee_name][empId] parameter. | 4.3 |
| 2014-09-17 | CVE-2012-1507 | Cross-Site Scripting vulnerability in Orangehrm Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index.php. | 4.3 |
| 2014-09-17 | CVE-2012-1506 | SQL Injection vulnerability in Orangehrm SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. | 6.5 |
| 2013-02-12 | CVE-2011-5259 | SQL Injection vulnerability in Orangehrm SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.8 |