Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

hrms

Source -

CNANVD

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2025-1815
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.03% / 5.62%
||
7 Day CHG~0.00%
Published-02 Mar, 2025 | 12:00
Updated-03 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
pbrong hrms resource.go HrmsDB improper authorization

A vulnerability, which was classified as critical, was found in pbrong hrms up to 1.0.1. This affects the function HrmsDB of the file \resource\resource.go. The manipulation of the argument user_cookie leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-pbrong
Product-hrms
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-285
Improper Authorization
CVE-2004-2435
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.55% / 66.88%
||
7 Day CHG~0.00%
Published-20 Aug, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified (1) debugging or (2) utility scripts.

Action-Not Available
Vendor-peoplesoftn/a
Product-hrmsn/a