Boldworkplanner

boldworkplanner

9 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Bold Workplanner

bold_workplanner

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-41099 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 6.5 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the list of permissions using unauthorised internal identifiers.Show less
CVE-2025-41098 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 7.5 HIGH· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a misuse of the general enquiry web service.
CVE-2025-41097 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic employee details using unauthorised internal identifiers.Show less
CVE-2025-41096 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers.Show less
CVE-2025-41095 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to planning counter details using unauthorised internal identifiers.Show less
CVE-2025-41094 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to functional contract details using unauthorised internal identifiers.Show less
CVE-2025-41093 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic contract details using unauthorised internal identifiers.Show less
CVE-2025-41092 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to time records details using unauthorised internal identifiers.Show less
CVE-2025-41091 1Boldworkplanner 1Bold Workplanner Oct 8, 2025 Sep 30, 2025 7.1 HIGH· v4 4.3 MEDIUM· v3 N/A· v2 Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to...Show more Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to calendar details using unauthorised internal identifiers.Show less