BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Multiple vulnerabilities in OrangeHRM
May 09 2012 06:27AM
advisory htbridge com
Advisory ID: HTB23080
Product: OrangeHRM
Vendor: OrangeHRM Inc.
Vulnerable Version(s): 2.7 RC and probably prior
Tested Version: 2.7 RC
Vendor Notification: 7 March 2012
Vendor Patch: 24 April 2012
Public Disclosure: 9 May 2012
Vulnerability Type: SQL Injection, Cross-Site Scripting (XSS)
CVE Ref...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Product: OrangeHRM
Vendor: OrangeHRM Inc.
Vulnerable Version(s): 2.7 RC and probably prior
Tested Version: 2.7 RC
Vendor Notification: 7 March 2012
Vendor Patch: 24 April 2012
Public Disclosure: 9 May 2012
Vulnerability Type: SQL Injection, Cross-Site Scripting (XSS)
CVE Ref...
[ more ]