Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25509 | 1 Ruvar | 1 Ruvaroa | 2025-04-16 | N/A | 9.4 CRITICAL |
| RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_file_download.aspx. | |||||
| CVE-2024-25510 | 1 Ruvar | 1 Ruvaroa | 2025-04-16 | N/A | 9.8 CRITICAL |
| RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/address_public_show.aspx. | |||||
| CVE-2024-25511 | 1 Ruvar | 1 Ruvaroa | 2025-04-16 | N/A | 9.4 CRITICAL |
| RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /AddressBook/address_public_new.aspx. | |||||
| CVE-2024-25513 | 1 Ruvar | 1 Ruvaroa | 2025-04-16 | N/A | 7.8 HIGH |
| RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the file_id parameter at /CorporateCulture/kaizen_download.aspx. | |||||
| CVE-2024-25514 | 1 Ruvar | 1 Ruvaroa | 2025-04-16 | N/A | 9.4 CRITICAL |
| RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the template_id parameter at /SysManage/wf_template_child_field_list.aspx. | |||||
| CVE-2024-25515 | 1 Ruvar | 1 Ruvaroa | 2025-04-16 | N/A | 7.3 HIGH |
| RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the sys_file_storage_id parameter at /WorkFlow/wf_work_finish_file_down.aspx. | |||||