Product
horilla
17 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-3050
< 1.0.3
A flaw has been found in horilla-opensource horilla up to 1.0.2. Impacted is an unknown function of the file static/assets/js/glob
3.5
LOW
CVE-2026-3049
< 1.0.3
A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horilla_ge
4.3
MEDIUM
CVE-2026-24039
all versions
Horilla is a free and open source Human Resource Management System (HRMS). Version 1.4.0 has Improper Access Control, allowing low
4.3
MEDIUM
CVE-2026-24038
all versions
Horilla is a free and open source Human Resource Management System (HRMS). In version 1.4.0, the OTP handling logic has a flawed e
8.1
HIGH
CVE-2026-24037
all versions
Horilla is a free and open source Human Resource Management System (HRMS). In version 1.4.0, the has_xss() function attempts to bl
4.8
MEDIUM
CVE-2026-24036
all versions
Horilla is a free and open source Human Resource Management System (HRMS). Versions 1.4.0 and above expose unpublished job posting
5.3
MEDIUM
CVE-2026-24035
all versions
Horilla is a free and open source Human Resource Management System (HRMS). An Improper Access Control vulnerability exists in Hori
4.3
MEDIUM
CVE-2026-24034
< 1.5.0
Horilla is a free and open source Human Resource Management System (HRMS). In versions prior to 1.5.0, a cross-site scripting vuln
5.4
MEDIUM
CVE-2026-24010
< 1.5.0
Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior
8.0
HIGH
CVE-2025-59832
< 1.4.0
Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, there is a stored XSS vulnerabi
9.9
CRITICAL
CVE-2025-59525
< 1.4.0
Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, improper sanitization across th
6.1
MEDIUM
CVE-2025-59524
< 1.4.0
Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, the file upload flow performs v
6.1
MEDIUM
CVE-2025-48869
all versions
Horilla is a free and open source Human Resource Management System (HRMS). Unauthenticated users can access uploaded resume files
7.5
HIGH
CVE-2025-48867
all versions
Horilla is a free and open source Human Resource Management System (HRMS). A stored cross-site scripting (XSS) vulnerability in Ho
4.8
MEDIUM
CVE-2025-48868
all versions
Horilla is a free and open source Human Resource Management System (HRMS). An authenticated Remote Code Execution (RCE) vulnerabil
7.2
HIGH
CVE-2025-47789
< 1.3.1
Horilla is a free and open source Human Resource Management System (HRMS). In versions up to and including 1.3, an attacker can cr
6.1
MEDIUM
CVE-2024-12138
<= 1.2.1
A vulnerability classified as critical was found in horilla up to 1.2.1. This vulnerability affects the function request_new/get_e
6.3
MEDIUM
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin