CVE-2019-15129
- EPSS 0.99%
- Veröffentlicht 18.08.2019 17:15:09
- Zuletzt bearbeitet 21.11.2024 04:28:06
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to access all candidates' files in the photo folder on the website by specifying a "user id" parameter and file name, such as in a recruitment_on...
- EPSS 3.39%
- Veröffentlicht 18.08.2019 17:15:09
- Zuletzt bearbeitet 21.11.2024 04:28:06
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitment_online/personalData/act_personaltab.cfm multiple-part P...
CVE-2019-14932
- EPSS 0.33%
- Veröffentlicht 12.08.2019 13:15:11
- Zuletzt bearbeitet 21.11.2024 04:27:42
The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203 allows remote attackers to access all candidates' information on the website via a modified selApp variable to personalData/resumeDetail.cfm. This includes personal information and...