67 matches found
CVE-2024-51423
Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.00.21 and before allows a remote attacker to execute arbitrary code via the class parameter...
CVE-2024-51423
CVE-2024-51423 affects Infor Global HR GHR versions 11.23.03.00.21 and earlier. The issue is a Cross Site Scripting vulnerability via the class parameter that could allow a remote attacker to execute arbitrary code. Several sources (Red Hat, NVD, CNNVD, CVE listings) corroborate this, with a CVSS...
PT-2025-35573
Name of the Vulnerable Software and Affected Versions: Infor Global HR GHR versions 11.23.03.00.21 and before Description: A Cross Site Scripting issue exists in Infor Global HR GHR that allows a remote attacker to execute arbitrary code via the class parameter. Recommendations: Update Infor Glob...
Infor Global HR 安全漏洞
Infor Global HR is a software from Infor, Inc. with unified management of global employee data. A security vulnerability exists in Infor Global HR version 11.23.03.00.21 and earlier, which stems from improper handling of the class parameter and could lead to remote code execution...
CVE-2024-51423
Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.00.21 and before allows a remote attacker to execute arbitrary code via the class parameter...
CVE-2024-51423
Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.00.21 and before allows a remote attacker to execute arbitrary code via the class parameter...
CVE-2020-29054
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices...
Infor Storefront B2B 1.0 SQL Injection
Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...
Infor Storefront B2B 1.0 - (usr_name) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Version...
Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...
tapaa.or.th XSS vulnerability
Vulnerable URL: http://tapaa.or.th/infor-article.php?id=5%22%3E%3Cscript%3Ealert0;%3C%2Fscript%3E〈=en Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
INFOR EAM SQL Injection Vulnerability
Infor EAM is the best configurable enterprise-class asset management solution on the market. Improve capital asset management by increasing reliability, enhancing predictive maintenance, ensuring regulatory compliance, reducing energy consumption, and supporting sustainability programs. An SQL...
INFOR EAM Cross-Site Scripting Attack Vulnerability
Infor EAM is the best configurable enterprise-class asset management solution on the market. Improve capital asset management by increasing reliability, enhancing predictive maintenance, ensuring regulatory compliance, reducing energy consumption, and supporting sustainability programs. A...
INFOR EAM 11.0 Build 201410 - filtervalue SQL Injection
INFOR EAM 11.0 Build 201410 - filtervalue SQL Injection SQL injection in INFOR EAM V11.0 Build 201410 search fields web/base/.. via filtervalue parameter ------------------- Assigned CVE: CVE-2017-7952 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to any page with ...
INFOR EAM 11.0 Build 201410 - Persistent Cross-Site Scripting via Comment Fields
INFOR EAM 11.0 Build 201410 - Persistent Cross-Site Scripting via Comment Fields Stored XSS in INFOR EAM V11.0 Build 201410 via comment fields ------------------- Assigned CVE: CVE-2017-7953 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to the jobs page 3. Click on...
INFOR EAM 11.0 Build 201410 - filtervalue SQL Injection Vulnerability
Exploit for multiple platform in category web applications SQL injection in INFOR EAM V11.0 Build 201410 search fields web/base/.. via filtervalue parameter ------------------- Assigned CVE: CVE-2017-7952 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to any page wi...
INFOR EAM 11.0 Build 201410 - Persistent Cross-Site Scripting via Comment Fields Vulnerability
Exploit for multiple platform in category web applications Stored XSS in INFOR EAM V11.0 Build 201410 via comment fields ------------------- Assigned CVE: CVE-2017-7953 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to the jobs page 3. Click on a record and open its...
INFOR EAM 11.0 Build 201410 - Persistent Cross-Site Scripting via Comment Fields
Stored XSS in INFOR EAM V11.0 Build 201410 via comment fields ------------------- Assigned CVE: CVE-2017-7953 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to the jobs page 3. Click on a record and open its page 4. Go to "Comments" tab 4. Click the add new comment...
INFOR EAM 11.0 Build 201410 - 'filtervalue' SQL Injection
SQL injection in INFOR EAM V11.0 Build 201410 search fields web/base/.. via filtervalue parameter ------------------- Assigned CVE: CVE-2017-7952 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to any page with a search or filter field in it for example...
CVE-2017-7952
INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter...