Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
SQL Injection Vulnerability in OrangeHRM
Nov 05 2012 02:31PM
advisory htbridge com
Advisory ID: HTB23119
Vendor: OrangeHRM Inc.
Vulnerable Version(s): 2.7.1-rc.1 and probably prior
Tested Version: 2.7.1-rc.1
Vendor Notification: October 10, 2012
Public Disclosure: October 31, 2012
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2012-5367
[ more ]
Copyright 2010, SecurityFocus