SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM prior to 2.6.11.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
orangehrm orangehrm 2.6.5 |
||
orangehrm orangehrm 2.6.4 |
||
orangehrm orangehrm 2.6.10 |
||
orangehrm orangehrm 2.6.3 |
||
orangehrm orangehrm 2.6.2 |
||
orangehrm orangehrm 2.6.8 |
||
orangehrm orangehrm 2.6.7 |
||
orangehrm orangehrm 2.6.6 |
||
orangehrm orangehrm 2.6.0.1 |
||
orangehrm orangehrm |
||
orangehrm orangehrm 2.6.9 |
||
orangehrm orangehrm 2.6.8.1 |
||
orangehrm orangehrm 2.6.1 |
||
orangehrm orangehrm 2.6.0 |