Smartofficepayroll: Security Vulnerabilities
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx.
CVSS Score
7.5
EPSS Score
0.907
Published
2023-02-28
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx.
CVSS Score
7.5
EPSS Score
0.119
Published
2023-02-28