Scshr

scshr

7 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-5192 1Scshr 1Hr Portal Feb 4, 2026 Jun 6, 2025 9.3 CRITICAL· v4 7.5 HIGH· v3 N/A· v2 A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and...Show more A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.Show less
CVE-2025-48784 1Scshr 1Hr Portal Feb 4, 2026 Jun 6, 2025 8.8 HIGH· v4 7.5 HIGH· v3 N/A· v2 A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.
CVE-2025-48783 1Scshr 1Hr Portal Feb 4, 2026 Jun 6, 2025 8.8 HIGH· v4 7.5 HIGH· v3 N/A· v2 An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by speci...Show more An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by specifying arbitrary file paths.Show less
CVE-2025-48782 1Scshr 1Hr Portal Feb 4, 2026 Jun 6, 2025 9.9 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary s...Show more An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.Show less
CVE-2025-48781 1Scshr 1Hr Portal Feb 4, 2026 Jun 6, 2025 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by spe...Show more An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths.Show less
CVE-2025-48780 1Scshr 1Hr Portal Feb 4, 2026 Jun 6, 2025 9.9 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system command...Show more A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a crafted serialized object.Show less
CVE-2023-34357 1Scshr 1Hr Portal Nov 21, 2024 Sep 7, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the ex...Show more Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account. Show less