Vulnerability Database

296,317

Total vulnerabilities in the database

CVE-2024-36428

OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection.

Published: May 28, 2024
Updated: Jun 24, 2025
CVE: CVE-2024-36428
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
orangehrm / orangehrm	3.3.3	3.3.3.x