Product
learningdigital orca hcm
11 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-1389
CVE-2025-1388
CVE-2025-1387
CVE-2024-8585
CVE-2024-8584
CVE-2021-35968
CVE-2021-35967
CVE-2021-35966
CVE-2021-35965
CVE-2021-35964
CVE-2021-35963
< 11.0
Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary S
< 11.0
Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to up
< 11.0
Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in t
< 11.0
Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remot
< 11.0
Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit th
<= 10.0
The directory list page parameter of the Orca HCM digital learning platform fails to filter special characters properly. Remote at
<= 10.0
The directory page parameter of the Orca HCM digital learning platform does not filter special characters. Remote attackers can ac
<= 10.0
The specific function of the Orca HCM digital learning platform does not filter input parameters properly, which causing the URL c
<= 10.0
The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code
<= 10.0
The management page of the Orca HCM digital learning platform does not perform identity verification, which allows remote attacker
<= 10.0
The specific parameter of upload function of the Orca HCM digital learning platform does not filter file format, which allows remo