Vendor
Soar Cloud System Co., Ltd.
Products
1
CVEs
6
Across products
6
Status
Private
Products
1- 6 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-48784 | 0.00 | — | 0.00 | Jun 6, 2025 | A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization. | ||
| CVE-2025-48783 | 0.00 | — | 0.00 | Jun 6, 2025 | An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by specifying arbitrary file paths. | ||
| CVE-2025-48782 | 0.00 | — | 0.01 | Jun 6, 2025 | An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file. | ||
| CVE-2025-48781 | 0.00 | — | 0.00 | Jun 6, 2025 | An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths. | ||
| CVE-2025-48780 | 0.00 | — | 0.01 | Jun 6, 2025 | A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a crafted serialized object. | ||
| CVE-2025-5192 | 0.00 | — | 0.01 | Jun 6, 2025 | A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions. |