Skip to main content

Jorani

5 CVEs product

Monthly

CVE-2025-67102 HIGH This Week

A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter. [CVSS 7.6 HIGH]

SQLi Jorani
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2023-2681 HIGH This Week

An SQL Injection vulnerability has been found on Jorani version 1.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Jorani
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-26469 CRITICAL POC THREAT Emergency

In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jorani
NVD GitHub
CVSS 3.1
9.8
EPSS
81.9%
CVE-2018-15918 MEDIUM POC This Month

An issue was discovered in Jorani 0.6.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jorani
NVD GitHub Exploit-DB
CVSS 3.0
5.4
EPSS
2.9%
CVE-2018-15917 MEDIUM POC This Month

Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jorani
NVD GitHub Exploit-DB
CVSS 3.0
5.4
EPSS
6.5%
EPSS 0% CVSS 7.6
HIGH This Week

A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter. [CVSS 7.6 HIGH]

SQLi Jorani
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

An SQL Injection vulnerability has been found on Jorani version 1.0.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Jorani
NVD
EPSS 82% CVSS 9.8
CRITICAL POC THREAT Emergency

In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jorani
NVD GitHub
EPSS 3% CVSS 5.4
MEDIUM POC This Month

An issue was discovered in Jorani 0.6.5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jorani
NVD GitHub Exploit-DB
EPSS 6% CVSS 5.4
MEDIUM POC This Month

Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jorani
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy