Auieo - CVE CyberSecurity Database News

Nov 3, 2022 SQL PHP Auieo Candidats

CVE-2022-42744 - How a Simple entriesPerPage Parameter Exposed CandidATS 3.. to SQL Injection and Unrestricted Database Operations

In the world of recruitment software, security doesn’t always get the spotlight it deserves. CandidATS—an open-source applicant tracking system—made headlines after the

Nov 3, 2022 XSS Exploit PHP Auieo Candidats

CVE-2022-42748 - XSS in CandidATS 3.. lets Attackers Steal User Cookies via ‘sortDirection’

In November 2022, a vulnerability (CVE-2022-42748) was identified in CandidATS version 3.. – a popular open-source applicant tracking system. This bug lets external attackers craft malicious

Nov 3, 2022 XSS Exploit PHP Auieo Candidats

CVE-2022-42747 - How a Simple XSS in CandidATS 3.. Lets Hackers Steal Your Cookies

CVE-2022-42747 is a security vulnerability in CandidATS, an open source applicant tracking system, version 3... The problem? It fails to properly validate some user-supplied data

Nov 3, 2022 XXE PHP Auieo Candidats

CVE-2022-42745 - How XXE Bugs in CandidATS 3.. Allow Hackers to Steal Any File

CandidATS is an open source applicant tracking system, often used by businesses to manage resumes and job applications. In version 3.., though, a serious security

CVE-2022-42751 - How a CSRF Vulnerability in CandidATS 3.. Lets Attackers Get Admin Access

Nov 3, 2022 CSRF Exploit Auieo Candidats

CVE-2022-42751 - How a CSRF Vulnerability in CandidATS 3.. Lets Attackers Get Admin Access

CVE-2022-42751 affects CandidATS, an open-source applicant tracking system used by HR departments for managing job applications. This post will break down how an attacker can