5 matches found
CVE-2018-10256
HRSALE The Ultimate HRM v1.0.2 contains a SQL injection vulnerability exploitable via the award_id parameter in the admin/read_awards endpoint. A low-privilege user can influence the SQL query, with PoC payloads demonstrating boolean-based blind injection. Several public references (Exploit-DB, P...
HRSALE The Ultimate HRM 1.0.2 SQL Injection
Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac ...
HRSALE The Ultimate HRM v1.0.2 - award_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version:...
HRSALE The Ultimate HRM 1.0.2 - 'award_id' SQL Injection
Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac ...
HRSALE The Ultimate HRM 1.0.2 - award_id SQL Injection
HRSALE The Ultimate HRM 1.0.2 - awardid SQL Injection Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link:...