Lucene search
K

5 matches found

NVD
NVD
added 2026/02/05 5:16 p.m.7 views

CVE-2020-37145

HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...

5.1CVSS0.00156EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/05 4:13 p.m.5 views

CVE-2020-37145 HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)

HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...

5.1CVSS5.2AI score0.00156EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/05 4:13 p.m.5 views

EUVD-2020-31039

HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...

5.1CVSS5.2AI score0.00156EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/05 4:13 p.m.27 views

CVE-2020-37145 HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)

HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...

5.1CVSS0.00156EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.10 views

PT-2026-6587

Name of the Vulnerable Software and Affected Versions HRSALE version 1.1.8 Description HRSALE version 1.1.8 is susceptible to a cross-site request forgery condition. This allows attackers to add unauthorized administrative users via the employee registration form. An attacker can create a malicio...

5.1CVSS5.2AI score0.00156EPSS
Exploits0References5
Rows per page
Query Builder