CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-6337

Malware in sbrugna...

8.8CVSS8.6AI score0.00666EPSS

Exploits5References3

Patchstack•added 2017/10/11 12:0 a.m.•17 views

WordPress WPHRM plugin <= 1.0 - Authenticated SQL Injection

WordPress WPHRM plugin Authenticated SQL Injection allows an attacker to inject SQL commands via the employeeid $GET param. Solution Update the plugin...

8.8CVSS5AI score0.00666EPSS

Exploits5References2Affected Software1

NVD•added 2017/10/03 1:29 a.m.•17 views

CVE-2017-14848

WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employeeid parameter...

8.8CVSS9.2AI score0.00666EPSS

Exploits5References2

Cvelist•added 2017/10/02 9:0 p.m.•17 views

CVE-2017-14848

WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employeeid parameter...

9.2AI score0.00666EPSS

Exploits5References2

CVE•added 2017/10/02 9:0 p.m.•63 views

CVE-2017-14848

The CVE-2017-14848 entry corresponds to the WordPress WPHRM plugin (WordPress) vulnerability: authenticated SQL injection via the employee_id parameter, affecting version 1.0 and earlier. Technical details across connected sources confirm the issue arises from unsafely handling the employee_id in...

8.8CVSS9.1AI score0.00666EPSS

Exploits5References2Affected Software1

0day.today•added 2017/10/02 12:0 a.m.•39 views

WordPress WPHRM Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin WPHRM - SQL Injection Dork: N/A Date: 29.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wphrm-human-resource-management-system-for-wordpress/20555857 Demo:...

9.1AI score0.00666EPSS

Exploits5

Exploit DB•added 2017/09/29 12:0 a.m.•47 views

WordPress Plugin WPHRM - SQL Injection

Exploit Title: WordPress Plugin WPHRM - SQL Injection Dork: N/A Date: 29.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wphrm-human-resource-management-system-for-wordpress/20555857 Demo: http://mobilewebs.net/mojoomla/extend/wordpress/wphrm/ Version: N/A...

8.8CVSS8.8AI score0.00666EPSS

Exploits5

exploitpack•added 2017/09/29 12:0 a.m.•19 views

WordPress Plugin WPHRM - SQL Injection

WordPress Plugin WPHRM - SQL Injection Exploit Title: WordPress Plugin WPHRM - SQL Injection Dork: N/A Date: 29.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wphrm-human-resource-management-system-for-wordpress/20555857 Demo:...

6.5CVSS9.3AI score0.00666EPSS

Exploits5

wpexploit•added 2017/09/09 12:0 a.m.•21 views

WPHRM <= 1.0 - Authenticated SQL Injection

The vulnerability allows an employee users to inject SQL commands. http://localhost/PATH/?hr-dashboard=user&page=message&tab=viewmessage&from=inbox&id=SQL-23+union+select 1,2,3,4,5,SELECT+GROUPCONCATtablename+SEPARATOR+0x3c62723e+FROM+INFORMATIONSCHEMA.TABLES+WHERE+TABLESCHEMA=DATABASE,7,8--%20-...

6.5CVSS3.2AI score0.00666EPSS

Exploits5References2

WPVulnDB•added 2017/09/09 12:0 a.m.•18 views

WPHRM <= 1.0 - Authenticated SQL Injection

The vulnerability allows an employee users to inject SQL commands. PoC http://localhost/PATH/?hr-dashboard=user=message=viewmessage=inbox=SQL-23+union+select 1,2,3,4,5,SELECT+GROUPCONCATtablename+SEPARATOR+0x3c62723e+FROM+INFORMATIONSCHEMA.TABLES+WHERE+TABLESCHEMA=DATABASE,7,8--%20-...

6.5CVSS2AI score0.00666EPSS

Exploits5References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by