Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Multiple vulnerabilities in OrangeHRM
May 09 2012 06:27AM
advisory htbridge com
Advisory ID: HTB23080
Vendor: OrangeHRM Inc.
Vulnerable Version(s): 2.7 RC and probably prior
Tested Version: 2.7 RC
Vendor Notification: 7 March 2012
Vendor Patch: 24 April 2012
Public Disclosure: 9 May 2012
Vulnerability Type: SQL Injection, Cross-Site Scripting (XSS)
[ more ]
Copyright 2010, SecurityFocus