Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-41091 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to calendar details using unauthorised internal identifiers. | |||||
| CVE-2025-41099 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 6.5 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the list of permissions using unauthorised internal identifiers. | |||||
| CVE-2025-41098 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 7.5 HIGH |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a misuse of the general enquiry web service. | |||||
| CVE-2025-41097 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic employee details using unauthorised internal identifiers. | |||||
| CVE-2025-41096 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to the dates of the current contract details using unauthorised internal identifiers. | |||||
| CVE-2025-41095 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to planning counter details using unauthorised internal identifiers. | |||||
| CVE-2025-41094 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to functional contract details using unauthorised internal identifiers. | |||||
| CVE-2025-41093 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to basic contract details using unauthorised internal identifiers. | |||||
| CVE-2025-41092 | 1 Boldworkplanner | 1 Bold Workplanner | 2025-10-08 | N/A | 4.3 MEDIUM |
| Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2.5.25 (4935b438f9b), consisting of a lack of adequate validation of user input, allowing an authenticated user to access to time records details using unauthorised internal identifiers. | |||||