Vulnerabilities (CVE)

Filtered by vendor Simplehrm Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2499 1 Simplehrm 1 Simplehrm 2024-02-28 5.0 MEDIUM 7.5 HIGH
SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie.
CVE-2013-2498 1 Simplehrm 1 Simplehrm 2024-02-28 7.5 HIGH N/A
SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM 2.3, 2.2, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to index.php/user/setLogin.