orangehrm Summary
Latest vulnerabilities published by orangehrm
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Vulnerability in OrangeHRM Open Source Human Resource Management System
CVE-2026-39349OrangehrmOrangehrm2.1LOWAuthorization Bypass in OrangeHRM Human Resource Management System
CVE-2026-39348OrangehrmOrangehrm5.3MEDIUMIntegrity Issues in OrangeHRM Open Source HRM System
CVE-2026-39347OrangehrmOrangehrm5.1MEDIUMAccess Control Bypass Vulnerability in OrangeHRM Human Resource Management System
CVE-2026-39346OrangehrmOrangehrm5.3MEDIUMFile Resolution Vulnerability in OrangeHRM by OrangeHRM
CVE-2026-39345OrangehrmOrangehrm4.6MEDIUMUncontrolled File Retrieval in OrangeHRM Human Resource Management System
CVE-2025-66291OrangehrmOrangehrm5.3MEDIUMInsufficient Authorization in OrangeHRM's Recruitment Attachment Retrieval Process
CVE-2025-66290OrangehrmOrangehrm5.3MEDIUMSession Management Flaw in OrangeHRM Human Resource Management System
CVE-2025-66289OrangehrmOrangehrm8.7HIGHAccount Takeover Vulnerability in OrangeHRM Human Resource Management System
CVE-2025-66225OrangehrmOrangehrm8.7HIGHInput Neutralization Vulnerability in OrangeHRM Human Resource Management System
CVE-2025-66224OrangehrmOrangehrm9CRITICALPrivilege Escalation Vulnerability in OrangeHRM by OrangeHRM
CVE-2025-44040OrangeHRMOrangeHRM7.2HIGHOrangeHRM 3.3.3 vulnerable to SQL injection
CVE-2024-36428OrangeHRMOrangehrmEPSS 77%8.1HIGHStored Cross-Site Scripting Vulnerability in OrangeHRM by OrangeHRM
CVE-2022-28985OrangehrmOrangehrm6.3MEDIUMHost Header Injection Vulnerability in OrangeHRM by OrangeHRM
CVE-2022-27110OrangehrmOrangehrm5.4MEDIUMReferer Header Injection Vulnerability in OrangeHRM by OrangeHRM
CVE-2022-27109OrangehrmOrangehrm5.4MEDIUMInsecure Direct Object Reference in OrangeHRM by OrangeHRM
CVE-2022-27108OrangehrmOrangehrm4.3MEDIUMStored XSS Vulnerability in OrangeHRM 4.10
CVE-2022-27107OrangehrmOrangehrm5.4MEDIUMUsername and Email Enumeration Vulnerability in OrangeHRM by OrangeHRM
CVE-2021-28399OrangehrmOrangehrm5.3MEDIUMSQL Injection Vulnerability in OrangeHRM Buzz Module
CVE-2020-29437OrangehrmOrangehrm8.1HIGHCross-Site Scripting Vulnerability in Orange HRM by OrangeHRM
CVE-2013-1353OrangehrmOrangehrm5.4MEDIUMInput Validation Flaw in OrangeHRM Allows Command Execution by Authenticated Users
CVE-2019-12839OrangehrmOrangehrm8.8HIGHCross-Site Scripting Flaw in OrangeHRM Software
CVE-2014-100021OrangehrmOrangehrmSQL Injection Vulnerability in OrangeHRM Software
CVE-2012-1506OrangehrmOrangehrmMultiple Cross-Site Scripting Vulnerabilities in OrangeHRM by OrangeHRM Inc.
CVE-2012-1507OrangehrmOrangehrmEPSS 10%Cross-Site Scripting Vulnerabilities in OrangeHRM by OrangeHRM, Inc.
CVE-2011-5258OrangehrmOrangehrm