EUVD-2026-34984
GHSA-44h7-ppq3-383m
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was found in Tiobon Employee Self-Service System up to 7.2. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
SQL injection in Tiobon Employee Self-Service System versions up to 7.2 allows authenticated remote attackers to manipulate the Keyword parameter in /Blog/BlogSearch.aspx, executing arbitrary SQL against the underlying database with low impact across confidentiality, integrity, and availability. Publicly available exploit code exists and has been disclosed via VulDB, while the vendor failed to respond to responsible disclosure, leaving no vendor-released patch at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The CVSS vector PR:L confirms that low-privileged authenticated access to the Tiobon Employee Self-Service System is required - unauthenticated exploitation is not indicated by available data. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 base score of 6.3 (Medium) reflects a network-reachable attack (AV:N), low complexity (AC:L), low-privilege requirement (PR:L), no user interaction (UI:N), and unchanged scope (S:U), with low impact on confidentiality, integrity, and availability (C:L/I:L/A:L). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained low-privilege credentials to the Tiobon Employee Self-Service System - through credential stuffing, phishing, or insider access - authenticates to the application and sends a crafted HTTP request to /Blog/BlogSearch.aspx with a SQL-injected Keyword parameter value such as a UNION-based or Boolean-based payload. The unsanitized input alters the SQL query executed against the backend database, allowing the attacker to enumerate table structures, extract employee PII or credentials, or modify records. … |
| Remediation | No vendor-released patch has been identified at time of analysis - the vendor did not respond to responsible disclosure, and no official fix version is available. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today