Filtered by vendor Boldworkplanner
Subscriptions
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-41091 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to calendar details using unauthorised internal identifiers. | ||||
| CVE-2025-41099 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 6.5 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the list of permissions using unauthorised internal identifiers. | ||||
| CVE-2025-41098 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 7.5 High |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a misuse of the general enquiry web service. | ||||
| CVE-2025-41097 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic employee details using unauthorised internal identifiers. | ||||
| CVE-2025-41096 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers. | ||||
| CVE-2025-41095 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to planning counter details using unauthorised internal identifiers. | ||||
| CVE-2025-41094 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to functional contract details using unauthorised internal identifiers. | ||||
| CVE-2025-41093 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic contract details using unauthorised internal identifiers. | ||||
| CVE-2025-41092 | 2 Boldworkplanner, Gps | 2 Bold Workplanner, Bold Workplanner | 2025-10-08 | 4.3 Medium |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to time records details using unauthorised internal identifiers. | ||||
Page 1 of 1.