CVE-2022-42745 - How XXE Bugs in CandidATS 3.. Allow Hackers to Steal Any File
CandidATS is an open source applicant tracking system, often used by businesses to manage resumes and job applications. In version 3.., though, a serious security
CVE-2022-42747 - How a Simple XSS in CandidATS 3.. Lets Hackers Steal Your Cookies
CVE-2022-42747 is a security vulnerability in CandidATS, an open source applicant tracking system, version 3... The problem? It fails to properly validate some user-supplied data
CVE-2022-42748 - XSS in CandidATS 3.. lets Attackers Steal User Cookies via ‘sortDirection’
In November 2022, a vulnerability (CVE-2022-42748) was identified in CandidATS version 3.. – a popular open-source applicant tracking system. This bug lets external attackers craft malicious
CVE-2022-42744 - How a Simple entriesPerPage Parameter Exposed CandidATS 3.. to SQL Injection and Unrestricted Database Operations
In the world of recruitment software, security doesn’t always get the spotlight it deserves. CandidATS—an open-source applicant tracking system—made headlines after the
CVE-2022-42750 - File Upload Flaw in CandidATS 3.. Lets Attackers Steal User Cookies
CandidATS is a popular open-source applicant tracking system used by many companies. In version 3.., it has a dangerous vulnerability known as CVE-2022-42750. This flaw