OrangeHRM Multiple Cross Site Scripting and SQL Injection Vulnerabilities

Bugtraq ID: 53433
Class: Input Validation Error
CVE: CVE-2012-1506
CVE-2012-1507
Remote: Yes
Local: No
Published: May 09 2012 12:00AM
Updated: May 09 2012 12:00AM
Credit: High-Tech Bridge SA Security Research Lab
Vulnerable: OrangeHRM OrangeHRM 2.7 RC
Not Vulnerable: OrangeHRM OrangeHRM 2.7 Stable Release


 

Privacy Statement
Copyright 2010, SecurityFocus