Filtered by vendor Simplehrm
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2499 | 1 Simplehrm | 1 Simplehrm | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie. | |||||
CVE-2013-2498 | 1 Simplehrm | 1 Simplehrm | 2024-02-28 | 7.5 HIGH | N/A |
SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM 2.3, 2.2, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php/user/setLogin. |