CVE-2025-67102 | bbalet Jorani up to 1.0.4 Alldayoffs Feature entity sql injection

Inserito da Angelo Barbosa | Feb 17, 2026 | CVE

A vulnerability, which was classified as critical, was found in bbalet Jorani up to 1.0.4. This vulnerability affects unknown code of the component Alldayoffs Feature. The manipulation of the argument entity results in sql injection.

This vulnerability is cataloged as CVE-2025-67102. The attack may be launched remotely. There is no exploit available.

CVE-2025-67102 | bbalet Jorani up to 1.0.4 Alldayoffs Feature entity sql injection

Post correlati

CVE-2024-34943 | Tenda FH1206 1.2.0.8(8155)_EN NatStaticSetting page stack-based overflow

CVE-2024-29202 | JumpServer up to 3.10.6 Jinja2 Template code injection (GHSA-2vvr-vmvx-73ch)

CVE-2025-58732 | Microsoft

CVE-2025-55283 | aiven aiven-db-migrate up to 1.0.6 command injection