11 matches found
EUVD-2020-21435
Malware in sbrugna...
CVE-2020-29053
HRSALE 2.0.0 allows XSS via the admin/project/projectscalendar setdate parameter...
CVE-2020-29053
HRSALE 2.0.0 allows XSS via the admin/project/projectscalendar setdate parameter...
Design/Logic Flaw
HRSALE 2.0.0 allows XSS via the admin/project/projectscalendar setdate parameter...
CVE-2020-29053
HRSALE 2.0.0 allows XSS via the admin/project/projectscalendar setdate parameter...
CVE-2020-27993
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files...
CVE-2020-27993
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files...
Directory traversal
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files...
CVE-2020-27993
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files...
Hrsale 2.0.0 Local File Inclusion
Exploit Title: Hrsale 2.0.0 - Local File Inclusion Date: 10/21/2020 Exploit Author: Sosecure Vendor Homepage: https://hrsale.com/index.php Version: version 2.0.0 Description: This exploit allow you to download any readable file from server with out permission and login session. Payload :...
Hrsale 2.0.0 - Local File Inclusion
Exploit Title: Hrsale 2.0.0 - Local File Inclusion Date: 10/21/2020 Exploit Author: Sosecure Vendor Homepage: https://hrsale.com/index.php Version: version 2.0.0 Description: This exploit allow you to download any readable file from server with out permission and login session. Payload :...