MidnightBSD

Advisories for scshr

CVE-2023-34357

Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
twcert@cert.org.tw 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
scshr hr_portal 7.3.2023.0705
scshr hr_portal 7.3.2023.0510
CVE-2025-48780

A deserialization of untrusted data vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a crafted serialized object.

Products Affected

Vendor Product Version
scshr hr_portal *
CVE-2025-48781

An external control of file name or path vulnerability in the download file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to obtain partial files by specifying arbitrary file paths.

Products Affected

Vendor Product Version
scshr hr_portal *
CVE-2025-48782

An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.

Products Affected

Vendor Product Version
scshr hr_portal *
CVE-2025-48783

An external control of file name or path vulnerability in the delete file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to delete partial files by specifying arbitrary file paths.

Products Affected

Vendor Product Version
scshr hr_portal *
CVE-2025-48784

A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.

Products Affected

Vendor Product Version
scshr hr_portal *
CVE-2025-5192

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.

Products Affected

Vendor Product Version
scshr hr_portal *