Sentrifugo Open source HRMS

Settings | Report Duplicate

0

I Use This!

Inactive

Analyzed 6 minutes ago. based on code collected 6 minutes ago.

Security

Vulnerabilities per Version

Learn more about BDSAs

Major Versions

click and drag to zoom

Security Vulnerabilities for Version:

Severities:

Type

Identifier	Related Record	Severity	Date Published	Description	Versions Affected
CVE-2024-29879	BDSA-2024-1415	Medium	Mar 21, 2024	Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'business_id' parameter. more...	3.2
CVE-2024-29878	BDSA-2024-1408	Medium	Mar 21, 2024	Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/sitepreference/add, 'description' parameter. The exploitati more...	3.2
CVE-2024-29877	BDSA-2024-1429	Medium	Mar 21, 2024	Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/expenses/expensecategories/edit, 'expense_category_name' pa more...	3.2
CVE-2024-29876	BDSA-2024-1417	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/reports/activitylogreport, 'sortby' parameter. The exploitation of this more...	3.2
CVE-2024-29875	BDSA-2024-1418	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/default/reports/exportactiveuserrpt, 'sort_name' parameter. The exploitat more...	3.2
CVE-2024-29874	BDSA-2024-1428	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/default/reports/activeuserrptpdf, 'sort_name' parameter. The exploitation more...	3.2
CVE-2024-29873	BDSA-2024-1427	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/reports/businessunits/format/html, 'bunitname' parameter. The exploitation more...	3.2
CVE-2024-29872	BDSA-2024-1426	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/empscreening/add, 'agencyids' parameter. The exploitation of this vulnerab more...	3.2
CVE-2024-29871	BDSA-2024-1416	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/sentrifugo/index.php/index/updatecontactnumber, 'id' more...	3.2
CVE-2024-29870	BDSA-2024-1421	Critical	Mar 21, 2024	SQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'business_id' parameter./sentrifugo/inde more...	3.2

←
1
2
3
→