Lucene search
K

5 matches found

CVE
CVE
added 2018/05/01 7:0 p.m.56 views

CVE-2018-10256

HRSALE The Ultimate HRM v1.0.2 contains a SQL injection vulnerability exploitable via the award_id parameter in the admin/read_awards endpoint. A low-privilege user can influence the SQL query, with PoC payloads demonstrating boolean-based blind injection. Several public references (Exploit-DB, P...

8.8CVSS8.9AI score0.02582EPSS
Exploits5References2Affected Software1
Packet Storm
Packet Storm
added 2018/04/26 12:0 a.m.46 views

HRSALE The Ultimate HRM 1.0.2 SQL Injection

Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac ...

0.1AI score0.02582EPSS
Exploits5
0day.today
0day.today
added 2018/04/26 12:0 a.m.66 views

HRSALE The Ultimate HRM v1.0.2 - award_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version:...

8.9AI score0.02582EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.35 views

HRSALE The Ultimate HRM 1.0.2 - 'award_id' SQL Injection

Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac ...

8.8CVSS8.8AI score0.02582EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/25 12:0 a.m.60 views

HRSALE The Ultimate HRM 1.0.2 - award_id SQL Injection

HRSALE The Ultimate HRM 1.0.2 - awardid SQL Injection Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link:...

6.5CVSS0.1AI score0.02582EPSS
Exploits5
Rows per page
Query Builder