Filtered by vendor Hrsale Project
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-10257 | 1 Hrsale Project | 1 Hrsale | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution. | |||||
CVE-2018-10260 | 1 Hrsale Project | 1 Hrsale | 2018-06-13 | 6.5 MEDIUM | 8.8 HIGH |
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. | |||||
CVE-2018-10256 | 1 Hrsale Project | 1 Hrsale | 2018-06-13 | 6.5 MEDIUM | 8.8 HIGH |
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query. | |||||
CVE-2018-10259 | 1 Hrsale Project | 1 Hrsale | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. |